Sheet1

Exploits
Err:510

Name
Disclosure Date Rank
Description
------------------ -------------aix/local/ibstat_path
2013-09-24
excellent ibstat $PATH Privilege Escalation
aix/rpc_cmsd_opcode21
2009-10-07
great
AIX Calendar Manager Service Daemon (rpc.cm
aix/rpc_ttdbserverd_realpath
2009-06-17
great
ToolTalk rpc.ttdbserverd _tt_internal_realpath Bu
android/browser/samsung_knox_smdm_url
2014-11-12
excellent Samsung Galaxy KNOX Android Brow
android/browser/webview_addjavascriptinterface
2012-12-21
excellent Android Browser and WebView addJa
android/fileformat/adobe_reader_pdf_js_interface
2014-04-13
good
Adobe Reader for Android addJavascrip
android/local/futex_requeue
2014-05-03
excellent Android 'Towelroot' Futex Requeue Kernel Exp
apple_ios/browser/safari_libtiff
2006-08-01
good
Apple iOS MobileSafari LibTIFF Buffer Overflow
apple_ios/email/mobilemail_libtiff
2006-08-01
good
Apple iOS MobileMail LibTIFF Buffer Overflow
apple_ios/ssh/cydia_default_ssh
2007-07-02
excellent Apple iOS Default SSH Password Vulnerabili
bsdi/softcart/mercantec_softcart
2004-08-19
great
Mercantec SoftCart CGI Overflow
dialup/multi/login/manyargs
2001-12-12
good
System V Derived /bin/login Extraneous Argume
firefox/local/exec_shellcode
2014-03-10
normal Firefox Exec Shellcode from Privileged Javascri
freebsd/ftp/proftp_telnet_iac
2010-11-01
great
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Ove
freebsd/local/mmap
2013-06-18
great
FreeBSD 9 Address Space Manipulation Privilege
freebsd/misc/citrix_netscaler_soap_bof
2014-09-22
normal Citrix NetScaler SOAP Handler Remote Co
freebsd/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (*BSD x86)
freebsd/tacacs/xtacacsd_report
2008-01-08
average XTACACSD report() Buffer Overflow
freebsd/telnet/telnet_encrypt_keyid
2011-12-23
great
FreeBSD Telnet Service Encryption Key ID Bu
hpux/lpd/cleanup_exec
2002-08-28
excellent HP-UX LPD Command Execution
irix/lpd/tagprinter_exec
2001-09-01
excellent Irix LPD tagprinter Command Execution
linux/antivirus/escan_password_exec
2014-04-04
excellent eScan Web Management Console Comma
linux/browser/adobe_flashplayer_aslaunch
2008-12-17
good
Adobe Flash Player ActionScript Launch
linux/ftp/proftp_sreplace
2006-11-26
great
ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linu
linux/ftp/proftp_telnet_iac
2010-11-01
great
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overfl
linux/games/ut2004_secure
2004-06-18
good
Unreal Tournament 2004 "secure" Overflow (Li
linux/http/accellion_fta_getstatus_oauth
2015-07-10
excellent Accellion FTA getStatus verify_oauth_token
linux/http/airties_login_cgi_bof
2015-03-31
normal Airties login-cgi Buffer Overflow
linux/http/alcatel_omnipcx_mastercgi_exec
2007-09-09
manual Alcatel-Lucent OmniPCX Enterprise mas
linux/http/alienvault_sqli_exec
2014-04-24
excellent AlienVault OSSIM SQL Injection and Remote C
linux/http/astium_sqli_upload
2013-09-17
manual Astium Remote Code Execution
linux/http/belkin_login_bof
2014-05-09
normal Belkin Play N750 login.cgi Buffer Overflow
linux/http/centreon_sqli_exec
2014-10-15
excellent Centreon SQL and Command Injection
linux/http/cfme_manageiq_evm_upload_exec
2013-09-04
normal Red Hat CloudForms Management En
linux/http/ddwrt_cgibin_exec
2009-07-20
excellent DD-WRT HTTP Daemon Arbitrary Command E
linux/http/dlink_authentication_cgi_bof
2013-02-08
normal D-Link authentication.cgi Buffer Overflow
linux/http/dlink_command_php_exec_noauth
2013-02-04
excellent D-Link Devices Unauthenticated Remo
linux/http/dlink_diagnostic_exec_noauth
2013-03-05
excellent D-Link DIR-645 / DIR-815 diagnostic.php C
linux/http/dlink_dir300_exec_telnet
2013-04-22
excellent D-Link Devices Unauthenticated Remote Com
linux/http/dlink_dir605l_captcha_bof
2012-10-08
manual D-Link DIR-605L Captcha Handling Buffer O
linux/http/dlink_dir615_up_exec
2013-02-07
excellent D-Link DIR615h OS Command Injection
linux/http/dlink_dspw215_info_cgi_bof
2014-05-22
normal D-Link info.cgi POST Request Buffer Overf
linux/http/dlink_hedwig_cgi_bof
2013-02-08
normal D-Link hedwig.cgi Buffer Overflow in Cookie H
linux/http/dlink_hnap_bof
2014-05-15
normal D-Link HNAP Request Remote Buffer Overflow
Page 1

Sheet1

linux/http/dlink_hnap_header_exec_noauth
2015-02-13
normal D-Link Devices HNAP SOAPAction-Hea
linux/http/dlink_upnp_exec_noauth
2013-07-05
normal D-Link Devices UPnP SOAP Command Exe
linux/http/dolibarr_cmd_exec
2012-04-06
excellent Dolibarr ERP/CRM Post-Auth OS Command In
linux/http/dreambox_openpli_shell
2013-02-08
great
OpenPLI Webif Arbitrary Command Execution
linux/http/esva_exec
2012-08-16
excellent E-Mail Security Virtual Appliance learn-msg.cgi Co
linux/http/f5_icontrol_exec
2013-09-17
excellent F5 iControl Remote Root Command Execution
linux/http/foreman_openstack_satellite_code_exec
2013-06-06
normal Foreman (Red Hat OpenStack/Satelli
linux/http/fritzbox_echo_exec
2014-02-11
excellent Fritz!Box Webcm Unauthenticated Command I
linux/http/gitlist_exec
2014-06-30
excellent Gitlist Unauthenticated Remote Command Executio
linux/http/gpsd_format_string
2005-05-25
average Berlios GPSD Format String Vulnerability
linux/http/groundwork_monarch_cmd_exec
2013-03-08
excellent GroundWork monarch_scan.cgi OS Co
linux/http/hp_system_management
2012-09-01
normal HP System Management Anonymous Acce
linux/http/kloxo_sqli
2014-01-28
manual Kloxo SQL Injection and Remote Code Execution
linux/http/lifesize_uvc_ping_rce
2014-03-21
excellent LifeSize UVC Authenticated RCE via Ping
linux/http/linksys_apply_cgi
2005-09-13
great
Linksys WRT54 Access Point apply.cgi Buffer Ove
linux/http/linksys_e1500_apply_exec
2013-02-05
excellent Linksys E1500/E2500 apply.cgi Remote Co
linux/http/linksys_themoon_exec
2014-02-13
excellent Linksys E-Series TheMoon Remote Comman
linux/http/linksys_wrt110_cmd_exec
2013-07-12
excellent Linksys Devices pingstr Remote Command
linux/http/linksys_wrt160nv2_apply_exec
2013-02-11
excellent Linksys WRT160nv2 apply.cgi Remote Co
linux/http/linksys_wrt54gl_apply_exec
2013-01-18
manual Linksys WRT54GL apply.cgi Command Exe
linux/http/multi_ncc_ping_exec
2015-02-26
normal D-Link/TRENDnet NCC Service Command Inj
linux/http/mutiny_frontend_upload
2013-05-15
excellent Mutiny 5 Arbitrary File Upload
linux/http/netgear_dgn1000b_setup_exec
2013-02-06
excellent Netgear DGN1000B setup.cgi Remote C
linux/http/netgear_dgn2200b_pppoe_exec
2013-02-15
manual Netgear DGN2200B pppoe.cgi Remote
linux/http/netgear_readynas_exec
2013-07-12
manual NETGEAR ReadyNAS Perl Code Evaluatio
linux/http/nginx_chunked_size
2013-05-07
normal Nginx HTTP Server 1.3.9-1.4.0 Chunked Enco
linux/http/openfiler_networkcard_exec
2012-09-04
excellent Openfiler v2.x NetworkCard Command Exe
linux/http/pandora_fms_exec
2014-01-29
excellent Pandora FMS Remote Code Execution
linux/http/pandora_fms_sqli
2014-02-01
excellent Pandora FMS Default Credential / SQLi Remot
linux/http/peercast_url
2006-03-08
average PeerCast URL Handling Buffer Overflow
linux/http/pineapp_ldapsyncnow_exec
2013-07-26
excellent PineApp Mail-SeCure ldapsyncnow.php A
linux/http/pineapp_livelog_exec
2013-07-26
excellent PineApp Mail-SeCure livelog.html Arbitrary Co
linux/http/pineapp_test_li_conn_exec
2013-07-26
excellent PineApp Mail-SeCure test_li_connection.ph
linux/http/piranha_passwd_exec
2000-04-04
excellent RedHat Piranha Virtual Server Package pass
linux/http/raidsonic_nas_ib5220_exec_noauth
2013-02-04
manual Raidsonic NAS Devices Unauthenticat
linux/http/railo_cfml_rfi
2014-08-26
excellent Railo Remote File Include
linux/http/realtek_miniigd_upnp_exec_noauth
2015-04-24
normal Realtek SDK Miniigd UPnP SOAP Com
linux/http/seagate_nas_php_exec_noauth
2015-03-01
normal Seagate Business NAS Unauthenticated
linux/http/smt_ipmi_close_window_bof
2013-11-06
good
Supermicro Onboard IPMI close_window.c
linux/http/sophos_wpa_iface_exec
2014-04-08
excellent Sophos Web Protection Appliance Interface
linux/http/sophos_wpa_sblistpack_exec
2013-09-06
excellent Sophos Web Protection Appliance sblistp
linux/http/symantec_web_gateway_exec
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 ipchan
linux/http/symantec_web_gateway_file_upload
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 Arbitr
linux/http/symantec_web_gateway_lfi
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 relfile File
linux/http/symantec_web_gateway_pbcontrol
2012-07-23
excellent Symantec Web Gateway 5.0.2.18 pbco
linux/http/symantec_web_gateway_restore
2014-12-16
excellent Symantec Web Gateway 5 restore.php
linux/http/synology_dsm_sliceupload_exec_noauth
2013-10-31
excellent Synology DiskStation Manager SLIC
linux/http/vap2500_tools_command_exec
2014-11-25
normal Arris VAP2500 tools_command.php Com
linux/http/vcms_upload
2011-11-27
excellent V-CMS PHP File Upload and Execute
Page 2

Sheet1

linux/http/wanem_exec
2012-08-12
excellent WAN Emulator v2.3 Command Execution
linux/http/webcalendar_settings_exec
2012-04-23
excellent WebCalendar 1.2.4 Pre-Auth Remote Code
linux/http/webid_converter
2011-07-05
excellent WeBid converter.php Remote PHP Code Injectio
linux/http/zabbix_sqli
2013-09-23
excellent Zabbix 2.0.8 SQL Injection and Remote Code Exec
linux/http/zen_load_balancer_exec
2012-09-14
excellent ZEN Load Balancer Filelog Command Exec
linux/http/zenoss_showdaemonxmlconfig_exec
2012-07-30
good
Zenoss 3 showDaemonXMLConfig Co
linux/ids/alienvault_centerd_soap_exec
2014-05-05
excellent AlienVault OSSIM av-centerd Command In
linux/ids/snortbopre
2005-10-18
good
Snort Back Orifice Pre-Preprocessor Buffer Overflo
linux/imap/imap_uw_lsub
2000-04-16
good
UoW IMAP Server LSUB Buffer Overflow
linux/local/desktop_privilege_escalation
2014-08-07
excellent Desktop Linux Password Stealer and Privile
linux/local/hp_smhstart
2013-03-30
normal HP System Management Homepage Local Privile
linux/local/kloxo_lxsuexec
2012-09-18
normal Kloxo Local Privilege Escalation
linux/local/pkexec
2011-04-01
great
Linux PolicyKit Race Condition Privilege Escalation
linux/local/sock_sendpage
2009-08-13
great
Linux Kernel Sendpage Local Privilege Escalatio
linux/local/sophos_wpa_clear_keys
2013-09-06
excellent Sophos Web Protection Appliance clear_ke
linux/local/udev_netlink
2009-04-16
great
Linux udev Netlink Local Privilege Escalation
linux/local/vmware_mount
2013-08-22
normal VMWare Setuid vmware-mount Unsafe popen(
linux/local/zpanel_zsudo
2013-06-07
excellent ZPanel zsudo Local Privilege Escalation Exploit
linux/misc/accellion_fta_mpipe2
2011-02-07
excellent Accellion FTA MPIPE2 Command Execution
linux/misc/drb_remote_codeexec
2011-03-23
excellent Distributed Ruby Send instance_eval/sysca
linux/misc/gld_postfix
2005-04-12
good
GLD (Greylisting Daemon) Postfix Buffer Overflow
linux/misc/hikvision_rtsp_bof
2014-11-19
normal Hikvision DVR RTSP Request Remote Code Ex
linux/misc/hp_data_protector_cmd_exec
2011-02-07
excellent HP Data Protector 6 EXEC_CMD Remot
linux/misc/hp_nnmi_pmd_bof
2014-09-09
normal HP Network Node Manager I PMD Buffer Ov
linux/misc/hp_vsa_login_bof
2013-06-28
normal HP StorageWorks P4000 Virtual SAN Applianc
linux/misc/hplip_hpssd_exec
2007-10-04
excellent HPLIP hpssd.py From Address Arbitrary Comm
linux/misc/ib_inet_connect
2007-10-03
good
Borland InterBase INET_connect() Buffer Overflo
linux/misc/ib_jrd8_create_database
2007-10-03
good
Borland InterBase jrd8_create_database() B
linux/misc/ib_open_marker_file
2007-10-03
good
Borland InterBase open_marker_file() Buffer O
linux/misc/ib_pwd_db_aliased
2007-10-03
good
Borland InterBase PWD_db_aliased() Buffer O
linux/misc/lprng_format_string
2000-09-25
normal LPRng use_syslog Remote Format String Vuln
linux/misc/mongod_native_helper
2013-03-24
normal MongoDB nativeHelper.apply Remote Code
linux/misc/nagios_nrpe_arguments
2013-02-21
excellent Nagios Remote Plugin Executor Arbitrary C
linux/misc/netsupport_manager_agent
2011-01-08
average NetSupport Manager Agent Remote Buff
linux/misc/novell_edirectory_ncp_bof
2012-12-12
normal Novell eDirectory 8 Buffer Overflow
linux/misc/sercomm_exec
2013-12-31
great
SerComm Device Remote Code Execution
linux/misc/zabbix_server_exec
2009-09-10
excellent Zabbix Server Arbitrary Command Execution
linux/mysql/mysql_yassl_getname
2010-01-25
good
MySQL yaSSL CertDecoder::GetName Buff
linux/mysql/mysql_yassl_hello
2008-01-04
good
MySQL yaSSL SSL Hello Message Buffer Ove
linux/pop3/cyrus_pop3d_popsubfolders
2006-05-21
normal Cyrus IMAPD pop3d popsubfolders USER
linux/postgres/postgres_payload
2007-06-05
excellent PostgreSQL for Linux Payload Execution
linux/pptp/poptop_negative_read
2003-04-09
great
Poptop Negative Read Overflow
linux/proxy/squid_ntlm_authenticate
2004-06-08
great
Squid NTLM Authenticate Overflow
linux/samba/chain_reply
2010-06-16
good
Samba chain_reply Memory Corruption (Linux x8
linux/samba/lsa_transnames_heap
2007-05-14
good
Samba lsa_io_trans_names Heap Overflow
linux/samba/setinfopolicy_heap
2012-04-10
normal Samba SetInformationPolicy AuditEventsInfo
linux/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Linux x86)
linux/smtp/exim4_dovecot_exec
2013-05-03
excellent Exim and Dovecot Insecure Configuration C
linux/smtp/exim_gethostbyname_bof
2015-01-27
great
Exim GHOST (glibc gethostbyname) Buffer
Page 3

Sheet1

linux/ssh/ceragon_fibeair_known_privkey
2015-04-01
excellent Ceragon FibeAir IP-10 SSH Private Key E
linux/ssh/f5_bigip_known_privkey
2012-06-11
excellent F5 BIG-IP SSH Private Key Exposure
linux/ssh/loadbalancerorg_enterprise_known_privkey
2014-03-17
excellent Loadbalancer.org Enterprise VA SSH
linux/ssh/quantum_dxi_known_privkey
2014-03-17
excellent Quantum DXi V1000 SSH Private Key Ex
linux/ssh/quantum_vmpro_backdoor
2014-03-17
excellent Quantum vmPRO Backdoor Command
linux/ssh/symantec_smg_ssh
2012-08-27
excellent Symantec Messaging Gateway 9.5 Default S
linux/telnet/telnet_encrypt_keyid
2011-12-23
great
Linux BSD-derived Telnet Service Encryption Ke
linux/upnp/dlink_upnp_msearch_exec
2013-02-01
excellent D-Link Unauthenticated UPnP M-SEARC
linux/upnp/miniupnpd_soap_bof
2013-03-27
normal MiniUPnPd 1.0 Stack Buffer Overflow Remo
multi/browser/adobe_flash_hacking_team_uaf
2015-07-06
great
Adobe Flash Player ByteArray Use Afte
multi/browser/adobe_flash_nellymoser_bof
2015-06-23
great
Adobe Flash Player Nellymoser Audio De
multi/browser/adobe_flash_net_connection_confusion
2015-03-12
great
Adobe Flash Player NetConnection T
multi/browser/adobe_flash_opaque_background_uaf
2015-07-06
normal Adobe Flash opaqueBackground U
multi/browser/adobe_flash_pixel_bender_bof
2014-04-28
great
Adobe Flash Player Shader Buffer Overf
multi/browser/adobe_flash_shader_drawing_fill
2015-05-12
great
Adobe Flash Player Drawing Fill Shader
multi/browser/adobe_flash_shader_job_overflow
2015-05-12
great
Adobe Flash Player ShaderJob Buffer
multi/browser/adobe_flash_uncompress_zlib_uaf
2014-04-28
great
Adobe Flash Player ByteArray Uncomp
multi/browser/firefox_escape_retval
2009-07-13
normal Firefox 3.5 escape() Return Value Memory C
multi/browser/firefox_proto_crmfrequest
2013-08-06
excellent Firefox 5.0 - 15.0.1 __exposedProps__ XC
multi/browser/firefox_proxy_prototype
2014-01-20
manual Firefox Proxy Prototype Privileged Javascri
multi/browser/firefox_queryinterface
2006-02-02
normal Firefox location.QueryInterface() Code Execu
multi/browser/firefox_svg_plugin
2013-01-08
excellent Firefox 17.0.1 Flash Privileged Code Injection
multi/browser/firefox_tostring_console_injection
2013-05-14
excellent Firefox toString console.time Privileged J
multi/browser/firefox_webidl_injection
2014-03-17
excellent Firefox WebIDL Privileged Javascript Injectio
multi/browser/firefox_xpi_bootstrapped_addon
2007-06-27
excellent Mozilla Firefox Bootstrapped Addon So
multi/browser/itms_overflow
2009-06-01
great
Apple OS X iTunes 8.1.1 ITMS Overflow
multi/browser/java_atomicreferencearray
2012-02-14
excellent Java AtomicReferenceArray Type Violatio
multi/browser/java_calendar_deserialize
2008-12-03
excellent Sun Java Calendar Deserialization Privileg
multi/browser/java_getsoundbank_bof
2009-11-04
great
Sun Java JRE getSoundbank file:// URI Bu
multi/browser/java_jre17_driver_manager
2013-01-10
excellent Java Applet Driver Manager Privileged to
multi/browser/java_jre17_exec
2012-08-26
excellent Java 7 Applet Remote Code Execution
multi/browser/java_jre17_glassfish_averagerangestatisticimpl 2012-10-16
excellent Java Applet AverageRangeStatisti
multi/browser/java_jre17_jaxws
2012-10-16
excellent Java Applet JAX-WS Remote Code Execution
multi/browser/java_jre17_jmxbean
2013-01-10
excellent Java Applet JMX Remote Code Execution
multi/browser/java_jre17_jmxbean_2
2013-01-19
excellent Java Applet JMX Remote Code Execution
multi/browser/java_jre17_method_handle
2012-10-16
excellent Java Applet Method Handle Remote Cod
multi/browser/java_jre17_provider_skeleton
2013-06-18
great
Java Applet ProviderSkeleton Insecure Inv
multi/browser/java_jre17_reflection_types
2013-01-10
excellent Java Applet Reflection Type Confusion Re
multi/browser/java_rhino
2011-10-18
excellent Java Applet Rhino Script Engine Remote Code E
multi/browser/java_rmi_connection_impl
2010-03-31
excellent Java RMIConnectionImpl Deserialization
multi/browser/java_setdifficm_bof
2009-11-04
great
Sun Java JRE AWT setDiffICM Buffer Overflow
multi/browser/java_signed_applet
1997-02-19
excellent Java Signed Applet Social Engineering Code
multi/browser/java_storeimagearray
2013-08-12
great
Java storeImageArray() Invalid Array Indexin
multi/browser/java_trusted_chain
2010-03-31
excellent Java Statement.invoke() Trusted Method Cha
multi/browser/java_verifier_field_access
2012-06-06
excellent Java Applet Field Bytecode Verifier Cache
multi/browser/mozilla_compareto
2005-07-13
normal Mozilla Suite/Firefox compareTo() Code Exe
multi/browser/mozilla_navigatorjava
2006-07-25
normal Mozilla Suite/Firefox Navigator Object Code
multi/browser/opera_configoverwrite
2007-03-05
excellent Opera 9 Configuration Overwrite
multi/browser/opera_historysearch
2008-10-23
excellent Opera historysearch XSS
Page 4

Sheet1

multi/browser/qtjava_pointer
2007-04-23
excellent Apple QTJava toQTPointer() Arbitrary Memory A
multi/elasticsearch/script_mvel_rce
2013-12-09
excellent ElasticSearch Dynamic Script Arbitrary Java
multi/elasticsearch/search_groovy_script
2015-02-11
excellent ElasticSearch Search Groovy Sandbox By
multi/fileformat/adobe_u3d_meshcont
2009-10-13
good
Adobe U3D CLODProgressiveMeshDeclar
multi/fileformat/js_unpacker_eval_injection
2015-02-18
excellent Javascript Injection for Eval-based Unpack
multi/fileformat/maple_maplet
2010-04-26
excellent Maple Maplet File Creation and Command Exe
multi/fileformat/nodejs_js_yaml_load_code_exec
2013-06-28
excellent Nodejs js-yaml load() Code Execution
multi/fileformat/peazip_command_injection
2009-06-05
excellent PeaZip Zip Processing Command Injectio
multi/ftp/pureftpd_bash_env_exec
2014-09-24
excellent Pure-FTPd External Authentication Bash En
multi/ftp/wuftpd_site_exec_format
2000-06-22
great
WU-FTPD SITE EXEC/INDEX Format String V
multi/gdb/gdb_server_exec
2014-08-24
great
GDB Server Remote Payload Execution
multi/handler
manual Generic Payload Handler
multi/http/activecollab_chat
2012-05-30
excellent Active Collab "chat module" Remote PHP Code
multi/http/ajaxplorer_checkinstall_exec
2010-04-04
excellent AjaXplorer checkInstall.php Remote Comma
multi/http/apache_mod_cgi_bash_env_exec
2014-09-24
good
Apache mod_cgi Bash Environment Va
multi/http/apache_roller_ognl_injection
2013-10-31
excellent Apache Roller OGNL Injection
multi/http/apprain_upload_exec
2012-01-19
excellent appRain CMF Arbitrary PHP File Upload Vuln
multi/http/auxilium_upload_exec
2012-09-14
excellent Auxilium RateMyPet Arbitrary File Upload Vul
multi/http/axis2_deployer
2010-12-30
excellent Axis2 / SAP BusinessObjects Authenticated Cod
multi/http/cisco_dcnm_upload
2013-09-18
excellent Cisco Prime Data Center Network Manager A
multi/http/coldfusion_rds
2013-08-08
great
Adobe ColdFusion 9 Administrative Login Bypass
multi/http/cups_bash_env_exec
2014-09-24
good
CUPS Filter Bash Environment Variable Code
multi/http/cuteflow_upload_exec
2012-07-27
excellent CuteFlow v2.11.2 Arbitrary File Upload Vulne
multi/http/dexter_casinoloader_exec
2014-02-08
excellent Dexter (CasinoLoader) SQL Injection
multi/http/drupal_drupageddon
2014-10-15
excellent Drupal HTTP Parameter Key/Value SQL Injec
multi/http/eaton_nsm_code_exec
2012-06-26
excellent Network Shutdown Module (sort_values) Re
multi/http/eventlog_file_upload
2014-08-31
excellent ManageEngine Eventlog Analyzer Arbitrary File
multi/http/extplorer_upload_exec
2012-12-31
excellent eXtplorer v2.1 Arbitrary File Upload Vulnerabi
multi/http/familycms_less_exec
2011-11-29
excellent Family Connections less.php Remote Comma
multi/http/freenas_exec_raw
2010-11-06
great
FreeNAS exec_raw.php Arbitrary Command Exe
multi/http/gestioip_exec
2013-10-04
excellent GestioIP Remote Command Execution
multi/http/git_client_command_exec
2014-12-18
excellent Malicious Git and Mercurial HTTP Server F
multi/http/gitlab_shell_exec
2013-11-04
excellent Gitlab-shell Code Execution
multi/http/gitorious_graph
2012-01-19
excellent Gitorious Arbitrary Command Execution
multi/http/glassfish_deployer
2011-08-04
excellent Sun/Oracle GlassFish Server Authenticated Cod
multi/http/glossword_upload_exec
2013-02-05
excellent Glossword v1.8.8 - 1.8.12 Arbitrary File Uplo
multi/http/glpi_install_rce
2013-09-12
manual GLPI install.php Remote Command Execution
multi/http/horde_href_backdoor
2012-02-13
excellent Horde 3.3.12 Backdoor Arbitrary PHP Code E
multi/http/hp_sitescope_issuesiebelcmd
2013-10-30
great
HP SiteScope issueSiebelCmd Remote Co
multi/http/hp_sitescope_uploadfileshandler
2012-08-29
good
HP SiteScope Remote Code Execution
multi/http/hp_sys_mgmt_exec
2013-06-11
excellent HP System Management Homepage JustGe
multi/http/hyperic_hq_script_console
2013-10-10
excellent VMware Hyperic HQ Groovy Script-Console
multi/http/ispconfig_php_exec
2013-10-30
excellent ISPConfig Authenticated Arbitrary PHP Code E
multi/http/jboss_bshdeployer
2010-04-26
excellent JBoss JMX Console Beanshell Deployer WAR
multi/http/jboss_deploymentfilerepository
2010-04-26
excellent JBoss Java Class DeploymentFileReposito
multi/http/jboss_invoke_deploy
2007-02-20
excellent JBoss DeploymentFileRepository WAR Deplo
multi/http/jboss_maindeployer
2007-02-20
excellent JBoss JMX Console Deployer Upload and Exe
multi/http/jboss_seam_upload_exec
2010-08-05
normal JBoss Seam 2 File Upload and Execute
multi/http/jenkins_script_console
2013-01-18
good
Jenkins Script-Console Java Execution
Page 5

Sheet1

multi/http/kordil_edms_upload_exec
2013-02-22
excellent Kordil EDMS v2.2.60rc3 Unauthenticated A
multi/http/lcms_php_exec
2011-03-03
excellent LotusCMS 3.0 eval() Remote Command Execu
multi/http/log1cms_ajax_create_folder
2011-04-11
excellent Log1 CMS writeInfo() PHP Code Injection
multi/http/manage_engine_dc_pmp_sqli
2014-06-08
excellent ManageEngine Desktop Central / Passw
multi/http/manageengine_auth_upload
2014-12-15
excellent ManageEngine Multiple Products Authent
multi/http/manageengine_search_sqli
2012-10-18
excellent ManageEngine Security Manager Plus 5.5
multi/http/mantisbt_php_exec
2014-11-08
great
MantisBT XmlImportExport Plugin PHP Code In
multi/http/mediawiki_thumb
2014-01-28
excellent MediaWiki Thumb.php Remote Command Exe
multi/http/mobilecartly_upload_exec
2012-08-10
excellent MobileCartly 1.0 Arbitrary File Creation Vuln
multi/http/moodle_cmd_exec
2013-10-30
good
Moodle Remote Command Execution
multi/http/movabletype_upgrade_exec
2013-01-07
normal Movable Type 4.2x, 4.3x Web Upgrade Re
multi/http/mutiny_subnetmask_exec
2012-10-22
excellent Mutiny Remote Command Execution
multi/http/nas4free_php_exec
2013-10-30
great
NAS4Free Arbitrary Remote Code Execution
multi/http/netwin_surgeftp_exec
2012-12-06
good
Netwin SurgeFTP Remote Command Executio
multi/http/op5_license
2012-01-05
excellent OP5 license.php Remote Command Execution
multi/http/op5_welcome
2012-01-05
excellent OP5 welcome Remote Command Execution
multi/http/openfire_auth_bypass
2008-11-10
excellent Openfire Admin Console Authentication Bypa
multi/http/openmediavault_cmd_exec
2013-10-30
excellent OpenMediaVault Cron Remote Command
multi/http/openx_backdoor_php
2013-08-07
excellent OpenX Backdoor PHP Code Execution
multi/http/opmanager_socialit_file_upload
2014-09-27
excellent ManageEngine OpManager and Social IT
multi/http/oracle_reports_rce
2014-01-15
great
Oracle Forms and Reports Remote Code Execut
multi/http/pandora_upload_exec
2010-11-30
excellent Pandora FMS v3.1 Auth Bypass and Arbitrar
multi/http/php_cgi_arg_injection
2012-05-03
excellent PHP CGI Argument Injection
multi/http/php_volunteer_upload_exec
2012-05-28
excellent PHP Volunteer Management System v1.0.
multi/http/phpldapadmin_query_engine
2011-10-24
excellent phpLDAPadmin query_engine Remote PH
multi/http/phpmoadmin_exec
2015-03-03
excellent PHPMoAdmin 1.1.2 Remote Code Execution
multi/http/phpmyadmin_3522_backdoor
2012-09-25
normal phpMyAdmin 3.5.2.2 server_sync.php B
multi/http/phpmyadmin_preg_replace
2013-04-25
excellent phpMyAdmin Authenticated Remote Code
multi/http/phpscheduleit_start_date
2008-10-01
excellent phpScheduleIt PHP reserve.php start_date P
multi/http/phptax_exec
2012-10-08
excellent PhpTax pfilez Parameter Exec Remote Code Inje
multi/http/phpwiki_ploticus_exec
2014-09-11
excellent Phpwiki Ploticus Remote Code Execution
multi/http/plone_popen2
2011-10-04
excellent Plone and Zope XMLTools Remote Command E
multi/http/pmwiki_pagelist
2011-11-09
excellent PmWiki pagelist.php Remote PHP Code Injectio
multi/http/polarcms_upload_exec
2012-01-21
excellent PolarBear CMS PHP File Upload Vulnerabili
multi/http/processmaker_exec
2013-10-24
excellent ProcessMaker Open Source Authenticated PH
multi/http/qdpm_upload_exec
2012-06-14
excellent qdPM v7 Arbitrary PHP File Upload Vulnerabi
multi/http/rails_json_yaml_code_exec
2013-01-28
excellent Ruby on Rails JSON Processor YAML Des
multi/http/rails_secret_deserialization
2013-04-11
excellent Ruby on Rails Known Secret Session Cookie
multi/http/rails_xml_yaml_code_exec
2013-01-07
excellent Ruby on Rails XML Processor YAML Deser
multi/http/rocket_servergraph_file_requestor_rce
2013-10-30
great
Rocket Servergraph Admin Center fileRe
multi/http/sflog_upload_exec
2012-07-06
excellent Sflog! CMS 1.0 Arbitrary File Upload Vulnerabi
multi/http/sit_file_upload
2011-11-10
excellent Support Incident Tracker Remote Command Exec
multi/http/snortreport_exec
2011-09-19
excellent Snortreport nmap.php/nbtscan.php Remote Com
multi/http/solarwinds_store_manager_auth_filter
2014-08-19
excellent SolarWinds Storage Manager Authentic
multi/http/sonicwall_gms_upload
2012-01-17
excellent SonicWALL GMS 6 Arbitrary File Upload
multi/http/splunk_mappy_exec
2011-12-12
excellent Splunk Search Remote Code Execution
multi/http/splunk_upload_app_exec
2012-09-27
good
Splunk Custom App Remote Code Executio
multi/http/spree_search_exec
2011-10-05
excellent Spreecommerce 0.60.1 Arbitrary Command E
multi/http/spree_searchlogic_exec
2011-04-19
excellent Spreecommerce Arbitrary Command Execut
Page 6

Sheet1

multi/http/struts_code_exec
2010-07-13
good
Apache Struts Remote Command Execution
multi/http/struts_code_exec_classloader
2014-03-06
manual Apache Struts ClassLoader Manipulation
multi/http/struts_code_exec_exception_delegator
2012-01-06
excellent Apache Struts Remote Command Exe
multi/http/struts_code_exec_parameters
2011-10-01
excellent Apache Struts ParametersInterceptor Rem
multi/http/struts_default_action_mapper
2013-07-02
excellent Apache Struts 2 DefaultActionMapper Pref
multi/http/struts_dev_mode
2012-01-06
excellent Apache Struts 2 Developer Mode OGNL Execu
multi/http/struts_include_params
2013-05-24
great
Apache Struts includeParams Remote Code E
multi/http/stunshell_eval
2013-03-23
great
STUNSHELL Web Shell Remote PHP Code Execu
multi/http/stunshell_exec
2013-03-23
great
STUNSHELL Web Shell Remote Code Execution
multi/http/sun_jsws_dav_options
2010-01-20
great
Sun Java System Web Server WebDAV OPTI
multi/http/testlink_upload_exec
2012-08-13
excellent TestLink v1.9.3 Arbitrary File Upload Vulnerabi
multi/http/tomcat_mgr_deploy
2009-11-09
excellent Apache Tomcat Manager Application Deploye
multi/http/tomcat_mgr_upload
2009-11-09
excellent Apache Tomcat Manager Authenticated Uploa
multi/http/traq_plugin_exec
2011-12-12
excellent Traq admincp/common.php Remote Code Exec
multi/http/uptime_file_upload
2013-11-19
excellent Up.Time Monitoring Station post2file.php Arbitra
multi/http/v0pcr3w_exec
2013-03-23
great
v0pCr3w Web Shell Remote Code Execution
multi/http/vbseo_proc_deutf
2012-01-23
excellent vBSEO proc_deutf() Remote PHP Code Injecti
multi/http/visual_mining_netcharts_upload
2014-11-03
excellent Visual Mining NetCharts Server Remote C
multi/http/vtiger_install_rce
2014-03-05
manual Vtiger Install Unauthenticated Remote Command
multi/http/vtiger_php_exec
2013-10-30
excellent vTigerCRM v5.4.0/v5.3.0 Authenticated Remote
multi/http/vtiger_soap_upload
2013-03-26
excellent vTiger CRM SOAP AddEmailAttachment Arbitr
multi/http/webpagetest_upload_exec
2012-07-13
excellent WebPageTest Arbitrary PHP File Upload
multi/http/wikka_spam_exec
2011-11-30
excellent WikkaWiki 1.3.2 Spam Logging PHP Injection
multi/http/x7chat2_php_exec
2014-10-27
excellent X7 Chat 2.0.5 lib/message.php preg_replace()
multi/http/zabbix_script_exec
2013-10-30
excellent Zabbix Authenticated Remote Command Execu
multi/http/zenworks_configuration_management_upload
2015-04-07
excellent Novell ZENworks Configuration M
multi/http/zenworks_control_center_upload
2013-03-22
great
Novell ZENworks Configuration Managem
multi/ids/snort_dce_rpc
2007-02-19
good
Snort 2 DCE/RPC Preprocessor Buffer Overflow
multi/misc/arkeia_agent_exec
2015-07-10
great
Western Digital Arkeia Remote Code Execution
multi/misc/batik_svg_java
2012-05-11
excellent Squiggle 1.7 SVG Browser Java Code Execution
multi/misc/hp_data_protector_exec_integutil
2014-10-02
great
HP Data Protector EXEC_INTEGUTIL Re
multi/misc/hp_vsa_exec
2011-11-11
excellent HP StorageWorks P4000 Virtual SAN Appliance
multi/misc/indesign_server_soap
2012-11-11
excellent Adobe IndesignServer 5.5 SOAP Server Arb
multi/misc/java_jdwp_debugger
2010-03-12
good
Java Debug Wire Protocol Remote Code Exe
multi/misc/java_jmx_server
2013-05-22
excellent Java JMX Server Insecure Configuration Java C
multi/misc/java_rmi_server
2011-10-15
excellent Java RMI Server Insecure Default Configuration
multi/misc/openview_omniback_exec
2001-02-28
excellent HP OpenView OmniBack II Command Ex
multi/misc/pbot_exec
2009-11-02
excellent PHP IRC Bot pbot eval() Remote Code Execution
multi/misc/persistent_hpca_radexec_exec
2014-01-02
great
HP Client Automation Command Injection
multi/misc/ra1nx_pubcall_exec
2013-03-24
great
Ra1NX PHP Bot PubCall Authentication Bypas
multi/misc/veritas_netbackup_cmdexec
2004-10-21
excellent VERITAS NetBackup Remote Command
multi/misc/wireshark_lwres_getaddrbyname
2010-01-27
great
Wireshark LWRES Dissector getaddrsby
multi/misc/wireshark_lwres_getaddrbyname_loop
2010-01-27
great
Wireshark LWRES Dissector getaddrs
multi/misc/zend_java_bridge
2011-03-28
great
Zend Server Java Bridge Arbitrary Java Code E
multi/ntp/ntp_overflow
2001-04-04
good
NTP Daemon readvar Buffer Overflow
multi/php/php_unserialize_zval_cookie
2007-03-04
average PHP 4 unserialize() ZVAL Reference Coun
multi/realserver/describe
2002-12-20
great
RealServer Describe Buffer Overflow
multi/samba/nttrans
2003-04-07
average Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow
multi/samba/usermap_script
2007-05-14
excellent Samba "username map script" Command Exe
Page 7

Sheet1

multi/sap/sap_mgmt_con_osexec_payload
2011-03-08
excellent SAP Management Console OSExecut
multi/sap/sap_soap_rfc_sxpg_call_system_exec
2013-03-26
great
SAP SOAP RFC SXPG_CALL_SYSTE
multi/sap/sap_soap_rfc_sxpg_command_exec
2012-05-08
great
SAP SOAP RFC SXPG_COMMAND_
multi/script/web_delivery
2013-07-19
manual Script Web Delivery
multi/ssh/sshexec
1999-01-01
manual SSH User Code Execution
multi/svn/svnserve_date
2004-05-19
average Subversion Date Svnserve
multi/upnp/libupnp_ssdp_overflow
2013-01-29
normal Portable UPnP SDK unique_service_name(
multi/vnc/vnc_keyboard_exec
2015-07-10
great
VNC Keyboard Remote Code Execution
multi/vpn/tincd_bof
2013-04-22
average Tincd Post-Authentication Remote TCP Stack Buff
multi/wyse/hagent_untrusted_hsdata
2009-07-10
excellent Wyse Rapport Hagent Fake Hserver Comm
netware/smb/lsass_cifs
2007-01-21
average Novell NetWare LSASS CIFS.NLM Driver Stack
netware/sunrpc/pkernel_callit
2009-09-30
good
NetWare 6.5 SunRPC Portmapper CALLIT Stac
osx/afp/loginext
2004-05-03
average AppleFileServer LoginExt PathName Overflow
osx/arkeia/type77
2005-02-18
average Arkeia Backup Client Type 77 Overflow (Mac OS X
osx/browser/mozilla_mchannel
2011-05-10
normal Mozilla Firefox 3.6.16 mChannel Use-After-F
osx/browser/safari_file_policy
2011-10-12
normal Apple Safari file:// Arbitrary Code Execution
osx/browser/safari_metadata_archive
2006-02-21
excellent Safari Archive Metadata Command Execu
osx/browser/safari_user_assisted_download_launch
2014-03-10
manual Safari User-Assisted Download and
osx/browser/software_update
2007-12-17
excellent Apple OS X Software Update Command Exec
osx/email/mailapp_image_exec
2006-03-01
manual Mail.app Image Attachment Command Exec
osx/ftp/webstar_ftp_user
2004-07-13
average WebSTAR FTP Server USER Overflow
osx/http/evocam_webserver
2010-06-01
average MacOS X EvoCam HTTP GET Buffer Overflo
osx/local/iokit_keyboard_root
2014-09-24
manual Mac OS X IOKit Keyboard Driver Root Privileg
osx/local/nfs_mount_root
2014-04-11
normal Mac OS X NFS Mount Privilege Escalation Expl
osx/local/persistence
2012-04-01
excellent Mac OS X Persistent Payload Installer
osx/local/rootpipe
2015-04-09
great
Apple OS X Rootpipe Privilege Escalation
osx/local/setuid_tunnelblick
2012-08-11
excellent Setuid Tunnelblick Privilege Escalation
osx/local/setuid_viscosity
2012-08-12
excellent Viscosity setuid-set ViscosityHelper Privilege Esc
osx/local/sudo_password_bypass
2013-02-28
normal Mac OS X Sudo Password Bypass
osx/local/vmware_bash_function_root
2014-09-24
normal OS X VMWare Fusion Privilege Escalation
osx/mdns/upnp_location
2007-05-25
average Mac OS X mDNSResponder UPnP Location O
osx/misc/ufo_ai
2009-10-28
average UFO: Alien Invasion IRC Client Buffer Overflow
osx/rtsp/quicktime_rtsp_content_type
2007-11-23
average MacOS X QuickTime RTSP Content-Type
osx/samba/lsa_transnames_heap
2007-05-14
average Samba lsa_io_trans_names Heap Overflo
osx/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Mac OS X PPC)
solaris/dtspcd/heap_noir
2002-07-10
great
Solaris dtspcd Heap Overflow
solaris/lpd/sendmail_exec
2001-08-31
excellent Solaris LPD Command Execution
solaris/samba/lsa_transnames_heap
2007-05-14
average Samba lsa_io_trans_names Heap Overflo
solaris/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Solaris SPARC)
solaris/sunrpc/sadmind_adm_build_path
2008-10-14
great
Sun Solaris sadmind adm_build_path() Bu
solaris/sunrpc/sadmind_exec
2003-09-13
excellent Solaris sadmind Command Execution
solaris/sunrpc/ypupdated_exec
1994-12-12
excellent Solaris ypupdated Command Execution
solaris/telnet/fuser
2007-02-12
excellent Sun Solaris Telnet Remote Authentication Bypass V
solaris/telnet/ttyprompt
2002-01-18
excellent Solaris in.telnetd TTYPROMPT Buffer Overflow
unix/dhcp/bash_environment
2014-09-24
excellent Dhclient Bash Environment Variable Injection
unix/ftp/proftpd_133c_backdoor
2010-12-02
excellent ProFTPD-1.3.3c Backdoor Command Execut
unix/ftp/proftpd_modcopy_exec
2015-04-22
excellent ProFTPD 1.3.5 Mod_Copy Command Execu
unix/ftp/vsftpd_234_backdoor
2011-07-03
excellent VSFTPD v2.3.4 Backdoor Command Executio
unix/http/contentkeeperweb_mimencode
2009-02-25
excellent ContentKeeper Web Remote Command
Page 8

Sheet1

unix/http/ctek_skyrouter
2011-09-08
average CTEK SkyRouter 4200 and 4300 Command Exe
unix/http/freepbx_callmenum
2012-03-20
manual FreePBX 2.10.0 / 2.9.0 callmenum Remote C
unix/http/lifesize_room
2011-07-13
excellent LifeSize Room Command Injection
unix/http/twiki_debug_plugins
2014-10-09
excellent TWiki Debugenableplugins Remote Code Exec
unix/http/vmturbo_vmtadmin_exec_noauth
2014-06-25
excellent VMTurbo Operations Manager vmtadm
unix/irc/unreal_ircd_3281_backdoor
2010-06-12
excellent UnrealIRCD 3.2.8.1 Backdoor Command E
unix/local/setuid_nmap
2012-07-19
excellent Setuid Nmap Exploit
unix/misc/distcc_exec
2002-02-01
excellent DistCC Daemon Command Execution
unix/misc/qnx_qconn_exec
2012-09-04
excellent QNX QCONN Remote Command Execution V
unix/misc/spamassassin_exec
2006-06-06
excellent SpamAssassin spamd Remote Command E
unix/misc/xerox_mfp
2012-03-07
good
Xerox Multifunction Printers (MFP) "Patch" DLM V
unix/misc/zabbix_agent_exec
2009-09-10
excellent Zabbix Agent net.tcp.listen Command Injectio
unix/smtp/clamav_milter_blackhole
2007-08-24
excellent ClamAV Milter Blackhole-Mode Remote Co
unix/smtp/exim4_string_format
2010-12-07
excellent Exim4 string_format Function Heap Buffer Ov
unix/ssh/array_vxag_vapv_privkey_privesc
2014-02-03
excellent Array Networks vAPV and vxAG Private
unix/ssh/tectia_passwd_changereq
2012-12-01
excellent Tectia SSH USERAUTH Change Request
unix/webapp/actualanalyzer_ant_cookie_exec
2014-08-28
excellent ActualAnalyzer 'ant' Cookie Command
unix/webapp/arkeia_upload_exec
2013-09-16
excellent Western Digital Arkeia Remote Code Execu
unix/webapp/awstats_configdir_exec
2005-01-15
excellent AWStats configdir Remote Command Exec
unix/webapp/awstats_migrate_exec
2006-05-04
excellent AWStats migrate Remote Command Exec
unix/webapp/awstatstotals_multisort
2008-08-26
excellent AWStats Totals multisort Remote Command
unix/webapp/barracuda_img_exec
2005-09-01
excellent Barracuda IMG.PL Remote Command Exe
unix/webapp/base_qry_common
2008-06-14
excellent BASE base_qry_common Remote File Inc
unix/webapp/basilic_diff_exec
2012-06-28
excellent Basilic 1.5.14 diff.php Arbitrary Command Exe
unix/webapp/cacti_graphimage_exec
2005-01-15
excellent Cacti graph_view.php Remote Command
unix/webapp/cakephp_cache_corruption
2010-11-15
excellent CakePHP Cache Corruption Code Exec
unix/webapp/carberp_backdoor_exec
2013-06-28
great
Carberp Web Panel C2 Backdoor Remote
unix/webapp/citrix_access_gateway_exec
2010-12-21
excellent Citrix Access Gateway Command Execu
unix/webapp/clipbucket_upload_exec
2013-10-04
excellent ClipBucket Remote Code Execution
unix/webapp/coppermine_piceditor
2008-01-30
excellent Coppermine Photo Gallery picEditor.php Co
unix/webapp/datalife_preview_exec
2013-01-28
excellent DataLife Engine preview.php PHP Code In
unix/webapp/dogfood_spell_exec
2009-03-03
excellent Dogfood CRM spell.php Remote Command
unix/webapp/egallery_upload_exec
2012-07-08
excellent EGallery PHP File Upload Vulnerability
unix/webapp/flashchat_upload_exec
2013-10-04
excellent FlashChat Arbitrary File Upload
unix/webapp/foswiki_maketext
2012-12-03
excellent Foswiki MAKETEXT Remote Command Exec
unix/webapp/freepbx_config_exec
2014-03-21
excellent FreePBX config.php Remote Code Executi
unix/webapp/generic_exec
1993-11-14
excellent Generic Web Application Unix Command Exec
unix/webapp/get_simple_cms_upload_exec
2014-01-04
excellent GetSimpleCMS PHP File Upload Vuln
unix/webapp/google_proxystylesheet_exec
2005-08-16
excellent Google Appliance ProxyStyleSheet Com
unix/webapp/graphite_pickle_exec
2013-08-20
excellent Graphite Web Unsafe Pickle Handling
unix/webapp/guestbook_ssi_exec
1999-11-05
excellent Matt Wright guestbook.pl Arbitrary Comma
unix/webapp/hastymail_exec
2011-11-22
excellent Hastymail 2.1.1 RC1 Command Injection
unix/webapp/havalite_upload_exec
2013-06-17
excellent Havalite CMS Arbitary File Upload Vulnera
unix/webapp/horde_unserialize_exec
2013-06-27
excellent Horde Framework Unserialize PHP Code
unix/webapp/hybridauth_install_php_exec
2014-08-04
manual HybridAuth install.php PHP Code Execu
unix/webapp/instantcms_exec
2013-06-26
excellent InstantCMS 1.6 Remote PHP Code Executio
unix/webapp/invision_pboard_unserialize_exec
2012-10-25
excellent Invision IP.Board unserialize() PHP Co
unix/webapp/joomla_akeeba_unserialize
2014-09-29
excellent Joomla Akeeba Kickstart Unserialize Re
unix/webapp/joomla_comjce_imgmanager
2012-08-02
excellent Joomla Component JCE File Upload R
Page 9

Sheet1

unix/webapp/joomla_media_upload_exec
2013-08-01
excellent Joomla Media Manager File Upload Vu
unix/webapp/joomla_tinybrowser
2009-07-22
excellent Joomla 1.5.12 TinyBrowser File Upload Cod
unix/webapp/kimai_sqli
2013-05-21
average Kimai v0.9.2 'db_restore.php' SQL Injection
unix/webapp/libretto_upload_exec
2013-06-14
excellent LibrettoCMS File Manager Arbitary File Uplo
unix/webapp/maarch_letterbox_file_upload
2015-02-11
excellent Maarch LetterBox Unrestricted File Uplo
unix/webapp/mambo_cache_lite
2008-06-14
excellent Mambo Cache_Lite Class mosConfig_abso
unix/webapp/mitel_awc_exec
2010-12-12
excellent Mitel Audio and Web Conferencing Comman
unix/webapp/moinmoin_twikidraw
2012-12-30
manual MoinMoin twikidraw Action Traversal File U
unix/webapp/mybb_backdoor
2011-10-06
excellent myBB 1.6.4 Backdoor Arbitrary Command E
unix/webapp/nagios3_history_cgi
2012-12-09
great
Nagios3 history.cgi Host Command Execution
unix/webapp/nagios3_statuswml_ping
2009-06-22
excellent Nagios3 statuswml.cgi Ping Command E
unix/webapp/nagios_graph_explorer
2012-11-30
excellent Nagios XI Network Monitor Graph Explore
unix/webapp/narcissus_backend_exec
2012-11-14
excellent Narcissus Image Configuration Passthru
unix/webapp/open_flash_chart_upload_exec
2009-12-14
great
Open Flash Chart v2 Arbitrary File Uplo
unix/webapp/openemr_sqli_privesc_upload
2013-09-16
excellent OpenEMR 4.1.1 Patch 14 SQLi Privileg
unix/webapp/openemr_upload_exec
2013-02-13
excellent OpenEMR PHP File Upload Vulnerability
unix/webapp/opensis_modname_exec
2012-12-04
excellent OpenSIS 'modname' PHP Code Execut
unix/webapp/openview_connectednodes_exec
2005-08-25
excellent HP Openview connectedNodes.ovpl
unix/webapp/openx_banner_edit
2009-11-24
excellent OpenX banner-edit.php File Upload PHP C
unix/webapp/oracle_vm_agent_utl
2010-10-12
excellent Oracle VM Server Virtual Server Agent Com
unix/webapp/oscommerce_filemanager
2009-08-31
excellent osCommerce 2.2 Arbitrary PHP Code E
unix/webapp/pajax_remote_exec
2006-03-30
excellent PAJAX Remote Command Execution
unix/webapp/php_charts_exec
2013-01-16
excellent PHP-Charts v1.0 PHP Code Execution Vulne
unix/webapp/php_eval
2008-10-13
manual Generic PHP Code Evaluation
unix/webapp/php_include
2006-12-17
normal PHP Remote File Include Generic Code Execu
unix/webapp/php_vbulletin_template
2005-02-25
excellent vBulletin misc.php Template Name Arbitrar
unix/webapp/php_xmlrpc_eval
2005-06-29
excellent PHP XML-RPC Arbitrary Code Execution
unix/webapp/phpbb_highlight
2004-11-12
excellent phpBB viewtopic.php Arbitrary Code Executio
unix/webapp/phpmyadmin_config
2009-03-24
excellent PhpMyAdmin Config File Code Injection
unix/webapp/projectpier_upload_exec
2012-10-08
excellent Project Pier Arbitrary File Upload Vulnerab
unix/webapp/projectsend_upload_exec
2014-12-02
excellent ProjectSend Arbitrary File Upload
unix/webapp/qtss_parse_xml_exec
2003-02-24
excellent QuickTime Streaming Server parse_xml.cg
unix/webapp/redmine_scm_exec
2010-12-19
excellent Redmine SCM Repository Arbitrary Comm
unix/webapp/seportal_sqli_exec
2014-03-20
excellent SePortal SQLi Remote Code Execution
unix/webapp/simple_e_document_upload_exec
2014-01-23
excellent Simple E-Document Arbitrary File U
unix/webapp/sixapart_movabletype_storable_exec
2015-02-11
good
SixApart MovableType Storable Perl
unix/webapp/skybluecanvas_exec
2014-01-28
excellent SkyBlueCanvas CMS Remote Code Execu
unix/webapp/sphpblog_file_upload
2005-08-25
excellent Simple PHP Blog Remote Command Execu
unix/webapp/spip_connect_exec
2012-07-04
normal SPIP connect Parameter PHP Injection
unix/webapp/squash_yaml_exec
2013-08-06
excellent Squash YAML Code Execution
unix/webapp/squirrelmail_pgp_plugin
2007-07-09
manual SquirrelMail PGP Plugin Command Execu
unix/webapp/sugarcrm_unserialize_exec
2012-06-23
excellent SugarCRM unserialize() PHP Code Exec
unix/webapp/tikiwiki_graph_formula_exec
2007-10-10
excellent TikiWiki tiki-graph_formula Remote PHP
unix/webapp/tikiwiki_jhot_exec
2006-09-02
excellent TikiWiki jhot Remote Command Execution
unix/webapp/tikiwiki_unserialize_exec
2012-07-04
excellent Tiki Wiki unserialize() PHP Code Execution
unix/webapp/trixbox_langchoice
2008-07-09
manual Trixbox langChoice PHP Local File Inclusion
unix/webapp/tuleap_unserialize_exec
2014-11-27
excellent Tuleap PHP Unserialize Code Execution
unix/webapp/twiki_history
2005-09-14
excellent TWiki History TWikiUsers rev Parameter Comm
unix/webapp/twiki_maketext
2012-12-15
excellent TWiki MAKETEXT Remote Command Executi
Page 10

Sheet1

unix/webapp/twiki_search
2004-10-01
excellent TWiki Search Function Arbitrary Command Exe
unix/webapp/vbulletin_vote_sqli_exec
2013-03-25
excellent vBulletin index.php/ajax/api/reputation/vote
unix/webapp/vicidial_manager_send_cmd_exec
2013-10-23
excellent VICIdial Manager Send OS Comman
unix/webapp/webmin_show_cgi_exec
2012-09-06
excellent Webmin /file/show.cgi Remote Comman
unix/webapp/webtester_exec
2013-10-17
excellent WebTester 5.x Command Execution
unix/webapp/wp_admin_shell_upload
2015-02-21
excellent WordPress Admin Shell Upload
unix/webapp/wp_advanced_custom_fields_exec
2012-11-14
excellent WordPress Plugin Advanced Custom
unix/webapp/wp_asset_manager_upload_exec
2012-05-26
excellent WordPress Asset-Manager PHP File
unix/webapp/wp_creativecontactform_file_upload
2014-10-22
excellent Wordpress Creative Contact Form Up
unix/webapp/wp_downloadmanager_upload
2014-12-03
excellent Wordpress Download Manager (dow
unix/webapp/wp_easycart_unrestricted_file_upload
2015-01-08
excellent WordPress WP EasyCart Unrestricte
unix/webapp/wp_foxypress_upload
2012-06-05
excellent WordPress Plugin Foxypress uploadify.ph
unix/webapp/wp_frontend_editor_file_upload
2012-07-04
excellent Wordpress Front-end Editor File Upload
unix/webapp/wp_google_document_embedder_exec
2013-01-03
normal WordPress Plugin Google Docum
unix/webapp/wp_holding_pattern_file_upload
2015-02-11
excellent WordPress Holding Pattern Theme Arb
unix/webapp/wp_inboundio_marketing_file_upload
2015-03-24
excellent Wordpress InBoundio Marketing PH
unix/webapp/wp_infusionsoft_upload
2014-09-25
excellent Wordpress InfusionSoft Upload Vulnerabil
unix/webapp/wp_lastpost_exec
2005-08-09
excellent WordPress cache_lastpostdate Arbitrary Co
unix/webapp/wp_nmediawebsite_file_upload
2015-04-12
excellent Wordpress N-Media Website Contact
unix/webapp/wp_optimizepress_upload
2013-11-29
normal WordPress OptimizePress Theme File U
unix/webapp/wp_photo_gallery_unrestricted_file_upload
2014-11-11
excellent WordPress Photo Gallery Unrestric
unix/webapp/wp_pixabay_images_upload
2015-01-19
excellent WordPress Pixabay Images PHP Code
unix/webapp/wp_platform_exec
2015-01-21
excellent WordPress Platform Theme File Upload Vul
unix/webapp/wp_property_upload_exec
2012-03-26
excellent WordPress WP-Property PHP File Uploa
unix/webapp/wp_reflexgallery_file_upload
2012-12-30
excellent Wordpress Reflex Gallery Upload Vulnera
unix/webapp/wp_revslider_upload_execute
2014-11-26
excellent WordPress RevSlider File Upload and E
unix/webapp/wp_slideshowgallery_upload
2014-08-28
excellent Wordpress SlideShow Gallery Authentic
unix/webapp/wp_symposium_shell_upload
2014-12-11
excellent WordPress WP Symposium 14.11 She
unix/webapp/wp_total_cache_exec
2013-04-17
excellent WordPress W3 Total Cache PHP Code Ex
unix/webapp/wp_worktheflow_upload
2015-03-14
excellent Wordpress Work The Flow Upload Vulne
unix/webapp/wp_wpshop_ecommerce_file_upload
2015-03-09
excellent WordPress WPshop eCommerce
unix/webapp/wp_wptouch_file_upload
2014-07-14
excellent Wordpress WPTouch Authenticated File U
unix/webapp/wp_wysija_newsletters_upload
2014-07-01
excellent Wordpress MailPoet Newsletters (wysi
unix/webapp/xoda_file_upload
2012-08-21
excellent XODA 0.4.5 Arbitrary PHP File Upload Vulner
unix/webapp/zeroshell_exec
2013-09-22
excellent ZeroShell Remote Code Execution
unix/webapp/zimbra_lfi
2013-12-06
excellent Zimbra Collaboration Server LFI
unix/webapp/zoneminder_packagecontrol_exec
2013-01-22
excellent ZoneMinder Video Server packageC
unix/webapp/zpanel_username_exec
2013-06-07
excellent ZPanel 10.0.0.2 htpasswd Module Usern
windows/antivirus/ams_hndlrsvc
2010-07-26
excellent Symantec System Center Alert Management
windows/antivirus/ams_xfr
2009-04-28
excellent Symantec System Center Alert Management Sy
windows/antivirus/symantec_endpoint_manager_rce
2014-02-24
excellent Symantec Endpoint Protection Man
windows/antivirus/symantec_iao
2009-04-28
good
Symantec Alert Management System Intel Ale
windows/antivirus/symantec_rtvscan
2006-05-24
good
Symantec Remote Management Buffer Ove
windows/antivirus/symantec_workspace_streaming_exec
2014-05-12
excellent Symantec Workspace Streaming
windows/antivirus/trendmicro_serverprotect
2007-02-20
good
Trend Micro ServerProtect 5.58 Buffer Ov
windows/antivirus/trendmicro_serverprotect_createbinding
2007-05-07
good
Trend Micro ServerProtect 5.58 Cre
windows/antivirus/trendmicro_serverprotect_earthagent
2007-05-07
good
Trend Micro ServerProtect 5.58 Eart
windows/arkeia/type77
2005-02-18
good
Arkeia Backup Client Type 77 Overflow (Win32)
windows/backdoor/energizer_duo_payload
2010-03-05
excellent Energizer DUO USB Battery Charger A
Page 11

Sheet1

windows/backupexec/name_service
2004-12-16
average Veritas Backup Exec Name Service Over
windows/backupexec/remote_agent
2005-06-22
great
Veritas Backup Exec Windows Remote Ag
windows/brightstor/ca_arcserve_342
2008-10-09
average Computer Associates ARCserve REPORT
windows/brightstor/discovery_tcp
2005-02-14
average CA BrightStor Discovery Service TCP Overfl
windows/brightstor/discovery_udp
2004-12-20
average CA BrightStor Discovery Service Stack Buff
windows/brightstor/etrust_itm_alert
2008-04-04
average Computer Associates Alert Notification Buffe
windows/brightstor/hsmserver
2007-09-27
great
CA BrightStor HSM Buffer Overflow
windows/brightstor/lgserver
2007-01-31
average CA BrightStor ARCserve for Laptops and Deskt
windows/brightstor/lgserver_multi
2007-06-06
average CA BrightStor ARCserve for Laptops and Des
windows/brightstor/lgserver_rxrlogin
2007-06-06
average CA BrightStor ARCserve for Laptops and De
windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter 2007-06-06
average CA BrightStor ARCserve for Lapt
windows/brightstor/lgserver_rxsuselicenseini
2007-06-06
average CA BrightStor ARCserve for Laptops and
windows/brightstor/license_gcr
2005-03-02
average CA BrightStor ARCserve License Service GCR
windows/brightstor/mediasrv_sunrpc
2007-04-25
average CA BrightStor ArcServe Media Service Sta
windows/brightstor/message_engine
2007-01-11
average CA BrightStor ARCserve Message Engine
windows/brightstor/message_engine_72
2010-10-04
average CA BrightStor ARCserve Message Engi
windows/brightstor/message_engine_heap
2006-10-05
average CA BrightStor ARCserve Message Eng
windows/brightstor/sql_agent
2005-08-02
average CA BrightStor Agent for Microsoft SQL Overflo
windows/brightstor/tape_engine
2006-11-21
average CA BrightStor ARCserve Tape Engine Buffer
windows/brightstor/tape_engine_0x8a
2010-10-04
average CA BrightStor ARCserve Tape Engine 0x8
windows/brightstor/universal_agent
2005-04-11
average CA BrightStor Universal Agent Overflow
windows/browser/adobe_cooltype_sing
2010-09-07
great
Adobe CoolType SING Table "uniqueNam
windows/browser/adobe_flash_avm2
2014-02-05
normal Adobe Flash Player Integer Underflow Re
windows/browser/adobe_flash_casi32_int_overflow
2014-10-14
great
Adobe Flash Player casi32 Integer Ov
windows/browser/adobe_flash_copy_pixels_to_byte_array
2014-09-23
great
Adobe Flash Player copyPixelsToB
windows/browser/adobe_flash_domain_memory_uaf
2014-04-14
great
Adobe Flash Player domainMemor
windows/browser/adobe_flash_filters_type_confusion
2013-12-10
normal Adobe Flash Player Type Confusion
windows/browser/adobe_flash_mp4_cprt
2012-02-15
normal Adobe Flash Player MP4 'cprt' Overflow
windows/browser/adobe_flash_net_connection_confusion
2015-03-12
normal Adobe Flash Player NetConnecti
windows/browser/adobe_flash_otf_font
2012-08-09
normal Adobe Flash Player 11.3 Kern Table Pars
windows/browser/adobe_flash_pcre
2014-11-25
normal Adobe Flash Player PCRE Regex Vulnera
windows/browser/adobe_flash_pixel_bender_bof
2014-04-28
normal Adobe Flash Player Shader Buffer O
windows/browser/adobe_flash_regex_value
2013-02-08
normal Adobe Flash Player Regular Expressio
windows/browser/adobe_flash_rtmp
2012-05-04
normal Adobe Flash Player Object Type Confusio
windows/browser/adobe_flash_sps
2011-08-09
normal Adobe Flash Player MP4 SequenceParam
windows/browser/adobe_flash_uncompress_zlib_uaf
2014-04-28
normal Adobe Flash Player ByteArray Unc
windows/browser/adobe_flash_uncompress_zlib_uninitialized
2014-11-11
good
Adobe Flash Player Uncompress
windows/browser/adobe_flash_worker_byte_array_uaf
2015-02-02
great
Adobe Flash Player ByteArray With
windows/browser/adobe_flashplayer_arrayindexing
2012-06-21
great
Adobe Flash Player AVM Verification
windows/browser/adobe_flashplayer_avm
2011-03-15
good
Adobe Flash Player AVM Bytecode Verif
windows/browser/adobe_flashplayer_flash10o
2011-04-11
normal Adobe Flash Player 10.2.153.1 SWF M
windows/browser/adobe_flashplayer_newfunction
2010-06-04
normal Adobe Flash Player "newfunction" In
windows/browser/adobe_flatedecode_predictor02
2009-10-08
good
Adobe FlateDecode Stream Predicto
windows/browser/adobe_geticon
2009-03-24
good
Adobe Collab.getIcon() Buffer Overflow
windows/browser/adobe_jbig2decode
2009-02-19
good
Adobe JBIG2Decode Heap Corruption
windows/browser/adobe_media_newplayer
2009-12-14
good
Adobe Doc.media.newPlayer Use After
windows/browser/adobe_shockwave_rcsl_corruption
2010-10-21
normal Adobe Shockwave rcsL Memory Co
windows/browser/adobe_toolbutton
2013-08-08
normal Adobe Reader ToolButton Use After Free
windows/browser/adobe_utilprintf
2008-02-08
good
Adobe util.printf() Buffer Overflow
Page 12

Sheet1

windows/browser/advantech_webaccess_dvs_getcolor
2014-07-17
normal Advantech WebAccess dvs.ocx G
windows/browser/aim_goaway
2004-08-09
great
AOL Instant Messenger goaway Overflow
windows/browser/aladdin_choosefilepath_bof
2012-04-01
normal Aladdin Knowledge System Ltd Choose
windows/browser/amaya_bdo
2009-01-28
normal Amaya Browser v11.0 'bdo' Tag Overflow
windows/browser/aol_ampx_convertfile
2009-05-19
normal AOL Radio AmpX ActiveX Control Conver
windows/browser/aol_icq_downloadagent
2006-11-06
excellent America Online ICQ ActiveX Control Arb
windows/browser/apple_itunes_playlist
2005-01-11
normal Apple ITunes 4.7 Playlist Buffer Overflow
windows/browser/apple_quicktime_marshaled_punk
2010-08-30
great
Apple QuickTime 7.6.7 _Marshaled_
windows/browser/apple_quicktime_mime_type
2012-11-07
normal Apple QuickTime 7.7.2 MIME Type B
windows/browser/apple_quicktime_rdrf
2013-05-22
normal Apple Quicktime 7 Invalid Atom Length Bu
windows/browser/apple_quicktime_rtsp
2007-01-01
normal Apple QuickTime 7.1.3 RTSP URI Buffer
windows/browser/apple_quicktime_smil_debug
2010-08-12
good
Apple QuickTime 7.6.6 Invalid SMIL U
windows/browser/apple_quicktime_texml_font_table
2012-11-07
normal Apple QuickTime 7.7.2 TeXML Style
windows/browser/ask_shortformat
2007-09-24
normal Ask.com Toolbar askBar.dll ActiveX Control
windows/browser/asus_net4switch_ipswcom
2012-02-17
normal ASUS Net4Switch ipswcom.dll ActiveX
windows/browser/athocgov_completeinstallation
2008-02-15
normal AtHocGov IWSAlerts ActiveX Control B
windows/browser/autodesk_idrop
2009-04-02
normal Autodesk IDrop ActiveX Control Heap Mem
windows/browser/aventail_epi_activex
2010-08-19
normal SonicWALL Aventail epi.dll AuthCredential
windows/browser/awingsoft_web3d_bof
2009-07-10
average AwingSoft Winds3D Player SceneURL B
windows/browser/awingsoft_winds3d_sceneurl
2009-11-14
excellent AwingSoft Winds3D Player 3.5 Scene
windows/browser/baofeng_storm_onbeforevideodownload
2009-04-30
normal BaoFeng Storm mps.dll ActiveX
windows/browser/barcode_ax49
2007-06-22
normal RKD Software BarCodeAx.dll v4.9 ActiveX
windows/browser/blackice_downloadimagefileurl
2008-06-05
excellent Black Ice Cover Page ActiveX Contro
windows/browser/c6_messenger_downloaderactivex
2008-06-03
excellent Icona SpA C6 Messenger Downlo
windows/browser/ca_brightstor_addcolumn
2008-03-16
normal CA BrightStor ARCserve Backup AddCo
windows/browser/chilkat_crypt_writefile
2008-11-03
excellent Chilkat Crypt ActiveX WriteFile Unsafe Met
windows/browser/cisco_anyconnect_exec
2011-06-01
excellent Cisco AnyConnect VPN Client ActiveX
windows/browser/cisco_playerpt_setsource
2012-03-22
normal Cisco Linksys PlayerPT ActiveX Control
windows/browser/cisco_playerpt_setsource_surl
2012-07-17
normal Cisco Linksys PlayerPT ActiveX Contr
windows/browser/citrix_gateway_actx
2011-07-14
normal Citrix Gateway ActiveX Control Stack Base
windows/browser/clear_quest_cqole
2012-05-19
normal IBM Rational ClearQuest CQOle Remote C
windows/browser/communicrypt_mail_activex
2010-05-19
great
CommuniCrypt Mail 1.16 SMTP ActiveX
windows/browser/creative_software_cachefolder
2008-05-28
normal Creative Software AutoUpdate Engine
windows/browser/crystal_reports_printcontrol
2010-12-14
normal Crystal Reports CrystalPrintControl Activ
windows/browser/dell_webcam_crazytalk
2012-03-19
normal Dell Webcam CrazyTalk ActiveX BackIm
windows/browser/dxstudio_player_exec
2009-06-09
excellent Worldweaver DX Studio Player shell.exe
windows/browser/ea_checkrequirements
2007-10-08
normal Electronic Arts SnoopyCtrl ActiveX Cont
windows/browser/ebook_flipviewer_fviewerloading
2007-06-06
normal FlipViewer FViewerLoading ActiveX C
windows/browser/enjoysapgui_comp_download
2009-04-15
excellent EnjoySAP SAP GUI ActiveX Control
windows/browser/enjoysapgui_preparetoposthtml
2007-07-05
normal EnjoySAP SAP GUI ActiveX Control
windows/browser/facebook_extractiptc
2008-01-31
normal Facebook Photo Uploader 4 ActiveX Cont
windows/browser/foxit_reader_plugin_url_bof
2013-01-07
normal Foxit Reader Plugin URL Processing Bu
windows/browser/getgodm_http_response_bof
2014-03-09
normal GetGo Download Manager HTTP Re
windows/browser/gom_openurl
2007-10-27
normal GOM Player ActiveX Control Buffer Overflow
windows/browser/greendam_url
2009-06-11
normal Green Dam URL Processing Buffer Overflow
windows/browser/honeywell_hscremotedeploy_exec
2013-02-22
excellent Honeywell HSC Remote Deployer
windows/browser/honeywell_tema_exec
2011-10-20
excellent Honeywell Tema Remote Installer Active
windows/browser/hp_alm_xgo_setshapenodetype_exec
2012-08-29
normal HP Application Lifecycle Manage
windows/browser/hp_easy_printer_care_xmlcachemgr
2012-01-11
great
HP Easy Printer Care XMLCacheM
Page 13

Sheet1

windows/browser/hp_easy_printer_care_xmlsimpleaccessor
2011-08-16
great
HP Easy Printer Care XMLSimple
windows/browser/hp_loadrunner_addfile
2008-01-25
normal Persits XUpload ActiveX AddFile Buffer O
windows/browser/hp_loadrunner_addfolder
2007-12-25
good
HP LoadRunner 9.0 ActiveX AddFolder
windows/browser/hp_loadrunner_writefilebinary
2013-07-24
normal HP LoadRunner lrFileIOService ActiveX
windows/browser/hp_loadrunner_writefilestring
2013-07-24
normal HP LoadRunner lrFileIOService ActiveX
windows/browser/hpmqc_progcolor
2007-04-04
normal HP Mercury Quality Center ActiveX Contro
windows/browser/hyleos_chemviewx_activex
2010-02-10
good
Hyleos ChemView ActiveX Control Sta
windows/browser/ibm_spss_c1sizer
2013-04-26
normal IBM SPSS SamplePower C1Tab ActiveX H
windows/browser/ibm_tivoli_pme_activex_bof
2012-03-01
normal IBM Tivoli Provisioning Manager Expre
windows/browser/ibmegath_getxmlvalue
2009-03-24
normal IBM Access Support ActiveX Control Bu
windows/browser/ibmlotusdomino_dwa_uploadmodule
2007-12-20
normal IBM Lotus Domino Web Access U
windows/browser/ie_cbutton_uaf
2012-12-27
normal MS13-008 Microsoft Internet Explorer CButt
windows/browser/ie_cgenericelement_uaf
2013-05-03
good
MS13-038 Microsoft Internet Explorer CG
windows/browser/ie_createobject
2006-04-11
excellent MS06-014 Microsoft Internet Explorer COM
windows/browser/ie_execcommand_uaf
2012-09-14
good
MS12-063 Microsoft Internet Explorer ex
windows/browser/ie_iscomponentinstalled
2006-02-24
normal Microsoft Internet Explorer isComponent
windows/browser/ie_setmousecapture_uaf
2013-09-17
normal MS13-080 Microsoft Internet Explorer S
windows/browser/ie_unsafe_scripting
2010-09-20
excellent Microsoft Internet Explorer Unsafe Scriptin
windows/browser/imgeviewer_tifmergemultifiles
2010-03-03
normal Viscom Image Viewer CP Pro 8.0/Gold
windows/browser/indusoft_issymbol_internationalseparator
2012-04-28
normal InduSoft Web Studio ISSymbol.oc
windows/browser/inotes_dwa85w_bof
2012-06-01
normal IBM Lotus iNotes dwa85W ActiveX Buffe
windows/browser/intrust_annotatex_add
2012-03-28
average Quest InTrust Annotation Objects Uniniti
windows/browser/java_basicservice_impl
2010-10-12
excellent Sun Java Web Start BasicServiceImpl C
windows/browser/java_cmm
2013-03-01
normal Java CMM Remote Code Execution
windows/browser/java_codebase_trust
2011-02-15
excellent Sun Java Applet2ClassLoader Remote C
windows/browser/java_docbase_bof
2010-10-12
great
Sun Java Runtime New Plugin docbase Bu
windows/browser/java_mixer_sequencer
2010-03-30
great
Java MixerSequencer Object GM_Song S
windows/browser/java_ws_arginject_altjvm
2010-04-09
excellent Sun Java Web Start Plugin Command L
windows/browser/java_ws_double_quote
2012-10-16
excellent Sun Java Web Start Double Quote Injec
windows/browser/java_ws_vmargs
2012-02-14
excellent Sun Java Web Start Plugin Command Lin
windows/browser/juniper_sslvpn_ive_setupdll
2006-04-26
normal Juniper SSL-VPN IVE JuniperSetupDLL
windows/browser/kazaa_altnet_heap
2007-10-03
normal Kazaa Altnet Download Manager ActiveX
windows/browser/keyhelp_launchtripane_exec
2012-06-26
excellent KeyHelp ActiveX LaunchTriPane Rem
windows/browser/logitechvideocall_start
2007-05-31
normal Logitech VideoCall ActiveX Control Buffer
windows/browser/lpviewer_url
2008-10-06
normal iseemedia / Roxio / MGI Software LPViewer A
windows/browser/macrovision_downloadandexecute
2007-10-31
normal Macrovision InstallShield Update S
windows/browser/macrovision_unsafe
2007-10-20
excellent Macrovision InstallShield Update Service
windows/browser/malwarebytes_update_exec
2014-12-16
good
Malwarebytes Anti-Malware and Anti-E
windows/browser/maxthon_history_xcs
2012-11-26
excellent Maxthon3 about:history XCS Trusted Zon
windows/browser/mcafee_mcsubmgr_vsprintf
2006-08-01
normal McAfee Subscription Manager Stack
windows/browser/mcafee_mvt_exec
2012-04-30
excellent McAfee Virtual Technician MVTControl 6.
windows/browser/mcafeevisualtrace_tracetarget
2007-07-07
normal McAfee Visual Trace ActiveX Control B
windows/browser/mirc_irc_url
2003-10-13
normal mIRC IRC URL Buffer Overflow
windows/browser/mozilla_attribchildremoved
2011-12-06
average Firefox 8/9 AttributeChildRemoved() Us
windows/browser/mozilla_firefox_onreadystatechange
2013-06-25
normal Firefox onreadystatechange Event
windows/browser/mozilla_firefox_xmlserializer
2013-01-08
normal Firefox XMLSerializer Use After Free
windows/browser/mozilla_interleaved_write
2010-10-25
normal Mozilla Firefox Interleaved document.wri
windows/browser/mozilla_mchannel
2011-05-10
normal Mozilla Firefox 3.6.16 mChannel Use-Afte
windows/browser/mozilla_nssvgvalue
2011-12-06
average Firefox nsSVGValue Out-of-Bounds Acce
Page 14

Sheet1

windows/browser/mozilla_nstreerange
2011-02-02
normal Mozilla Firefox "nsTreeRange" Dangling P
windows/browser/mozilla_reduceright
2011-06-21
normal Mozilla Firefox Array.reduceRight() Integer
windows/browser/ms03_020_ie_objecttype
2003-06-04
normal MS03-020 Microsoft Internet Explorer O
windows/browser/ms05_054_onload
2005-11-21
normal MS05-054 Microsoft Internet Explorer Ja
windows/browser/ms06_001_wmf_setabortproc
2005-12-27
great
Windows XP/2003/Vista Metafile Esc
windows/browser/ms06_013_createtextrange
2006-03-19
normal MS06-013 Microsoft Internet Explorer
windows/browser/ms06_055_vml_method
2006-09-19
normal MS06-055 Microsoft Internet Explorer
windows/browser/ms06_057_webview_setslice
2006-07-17
normal MS06-057 Microsoft Internet Explore
windows/browser/ms06_067_keyframe
2006-11-14
normal MS06-067 Microsoft Internet Explorer D
windows/browser/ms06_071_xml_core
2006-10-10
normal MS06-071 Microsoft Internet Explorer X
windows/browser/ms07_017_ani_loadimage_chunksize
2007-03-28
great
Windows ANI LoadAniIcon() Chun
windows/browser/ms08_041_snapshotviewer
2008-07-07
excellent Snapshot Viewer for Microsoft Acces
windows/browser/ms08_053_mediaencoder
2008-09-09
normal Windows Media Encoder 9 wmex.dll
windows/browser/ms08_070_visual_studio_msmask
2008-08-13
normal Microsoft Visual Studio Mdmask3
windows/browser/ms08_078_xml_corruption
2008-12-07
normal MS08-078 Microsoft Internet Explorer
windows/browser/ms09_002_memory_corruption
2009-02-10
normal MS09-002 Microsoft Internet Explo
windows/browser/ms09_043_owc_htmlurl
2009-08-11
normal Microsoft OWC Spreadsheet HTMLUR
windows/browser/ms09_043_owc_msdso
2009-07-13
normal Microsoft OWC Spreadsheet msData
windows/browser/ms09_072_style_object
2009-11-20
normal MS09-072 Microsoft Internet Explorer S
windows/browser/ms10_002_aurora
2010-01-14
normal MS10-002 Microsoft Internet Explorer "Au
windows/browser/ms10_002_ie_object
2010-01-21
normal MS10-002 Microsoft Internet Explorer Ob
windows/browser/ms10_018_ie_behaviors
2010-03-09
good
MS10-018 Microsoft Internet Explorer D
windows/browser/ms10_018_ie_tabular_activex
2010-03-09
good
MS10-018 Microsoft Internet Explorer
windows/browser/ms10_022_ie_vbscript_winhlp32
2010-02-26
great
MS10-022 Microsoft Internet Explore
windows/browser/ms10_026_avi_nsamplespersec
2010-04-13
normal MS10-026 Microsoft MPEG Layerwindows/browser/ms10_042_helpctr_xss_cmd_exec
2010-06-09
excellent Microsoft Help Center XSS and C
windows/browser/ms10_046_shortcut_icon_dllloader
2010-07-16
excellent Microsoft Windows Shell LNK Code
windows/browser/ms10_090_ie_css_clip
2010-11-03
good
MS10-090 Microsoft Internet Explorer CS
windows/browser/ms11_003_ie_css_import
2010-11-29
good
MS11-003 Microsoft Internet Explorer C
windows/browser/ms11_050_mshtml_cobjectelement
2011-06-16
normal MS11-050 IE mshtml!CObjectEle
windows/browser/ms11_081_option
2012-10-11
normal MS11-081 Microsoft Internet Explorer Op
windows/browser/ms11_093_ole32
2011-12-13
normal MS11-093 Microsoft Windows OLE Objec
windows/browser/ms12_004_midi
2012-01-10
normal MS12-004 midiOutPlayNextPolyEvent Hea
windows/browser/ms12_037_ie_colspan
2012-06-12
normal MS12-037 Microsoft Internet Explorer F
windows/browser/ms12_037_same_id
2012-06-12
normal MS12-037 Microsoft Internet Explorer S
windows/browser/ms13_009_ie_slayoutrun_uaf
2013-02-13
average MS13-009 Microsoft Internet Explore
windows/browser/ms13_022_silverlight_script_object
2013-03-12
normal MS13-022 Microsoft Silverlight Scrip
windows/browser/ms13_037_svg_dashstyle
2013-03-06
normal MS13-037 Microsoft Internet Explorer
windows/browser/ms13_055_canchor
2013-07-09
normal MS13-055 Microsoft Internet Explorer CA
windows/browser/ms13_059_cflatmarkuppointer
2013-06-27
normal MS13-059 Microsoft Internet Explore
windows/browser/ms13_069_caret
2013-09-10
normal MS13-069 Microsoft Internet Explorer CCa
windows/browser/ms13_080_cdisplaypointer
2013-10-08
normal MS13-080 Microsoft Internet Explorer
windows/browser/ms13_090_cardspacesigninhelper
2013-11-08
normal MS13-090 CardSpaceClaimCollec
windows/browser/ms14_012_cmarkup_uaf
2014-02-13
normal MS14-012 Microsoft Internet Explorer
windows/browser/ms14_012_textrange
2014-03-11
normal MS14-012 Microsoft Internet Explorer Te
windows/browser/ms14_064_ole_code_execution
2014-11-13
good
MS14-064 Microsoft Internet Explor
windows/browser/msvidctl_mpeg2
2009-07-05
normal Microsoft DirectShow (msvidctl.dll) MPEGwindows/browser/mswhale_checkforupdates
2009-04-15
normal Microsoft Whale Intelligent Application
windows/browser/msxml_get_definition_code_exec
2012-06-12
good
MS12-043 Microsoft XML Core Serv
Page 15

Sheet1

windows/browser/nctaudiofile2_setformatlikesample
2007-01-24
normal NCTAudioFile2 v2.x ActiveX Control
windows/browser/nis2004_antispam
2004-03-19
normal Norton AntiSpam 2004 SymSpamHelper A
windows/browser/nis2004_get
2007-05-16
normal Symantec Norton Internet Security 2004 Acti
windows/browser/notes_handler_cmdinject
2012-06-18
excellent IBM Lotus Notes Client URL Handler C
windows/browser/novell_groupwise_gwcls1_actvx
2013-01-30
normal Novell GroupWise Client gwcls1.dll A
windows/browser/novelliprint_callbackurl
2010-08-20
normal Novell iPrint Client ActiveX Control call-bac
windows/browser/novelliprint_datetime
2009-12-08
great
Novell iPrint Client ActiveX Control Date/Tim
windows/browser/novelliprint_executerequest
2008-02-22
normal Novell iPrint Client ActiveX Control Exec
windows/browser/novelliprint_executerequest_dbg
2010-08-04
normal Novell iPrint Client ActiveX Control Ex
windows/browser/novelliprint_getdriversettings
2008-06-16
normal Novell iPrint Client ActiveX Control Buffe
windows/browser/novelliprint_getdriversettings_2
2010-11-15
normal Novell iPrint Client ActiveX Control Buff
windows/browser/novelliprint_target_frame
2009-12-08
great
Novell iPrint Client ActiveX Control target-f
windows/browser/ntr_activex_check_bof
2012-01-11
normal NTR ActiveX Control Check() Method Bu
windows/browser/ntr_activex_stopmodule
2012-01-11
normal NTR ActiveX Control StopModule() Rem
windows/browser/oracle_autovue_setmarkupmode
2012-04-18
normal Oracle AutoVue ActiveX Control Se
windows/browser/oracle_dc_submittoexpress
2009-08-28
normal Oracle Document Capture 10g ActiveX
windows/browser/oracle_webcenter_checkoutandopen
2013-04-16
excellent Oracle WebCenter Content Chec
windows/browser/orbit_connecting
2009-02-03
normal Orbit Downloader Connecting Log Creation
windows/browser/ovftool_format_string
2012-11-08
normal VMWare OVF Tools Format String Vulnera
windows/browser/pcvue_func
2011-10-05
average PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/Sa
windows/browser/persits_xupload_traversal
2009-09-29
excellent Persits XUpload ActiveX MakeHttpRequ
windows/browser/quickr_qp2_bof
2012-05-23
normal IBM Lotus QuickR qp2 ActiveX Buffer Overf
windows/browser/real_arcade_installerdlg
2011-04-03
normal Real Networks Arcade Games StubbyUtil
windows/browser/realplayer_cdda_uri
2010-11-15
normal RealNetworks RealPlayer CDDA URI Initia
windows/browser/realplayer_console
2008-03-08
normal RealPlayer rmoc3260.dll ActiveX Control H
windows/browser/realplayer_import
2007-10-18
normal RealPlayer ierpplug.dll ActiveX Control Play
windows/browser/realplayer_qcp
2011-08-16
average RealNetworks Realplayer QCP Parsing Hea
windows/browser/realplayer_smil
2005-03-01
normal RealNetworks RealPlayer SMIL Buffer Overf
windows/browser/roxio_cineplayer
2007-04-11
normal Roxio CinePlayer ActiveX Control Buffer Ov
windows/browser/safari_xslt_output
2011-07-20
excellent Apple Safari Webkit libxslt Arbitrary File Cre
windows/browser/samsung_neti_wiewer_backuptoavi_bof
2012-04-21
normal Samsung NET-i Viewer Multiple
windows/browser/sapgui_saveviewtosessionfile
2009-03-31
normal SAP AG SAPgui EAI WebViewer3D B
windows/browser/siemens_solid_edge_selistctrlx
2013-05-26
normal Siemens Solid Edge ST4 SEListCtrlX
windows/browser/softartisans_getdrivename
2008-08-25
normal SoftArtisans XFile FileManager ActiveX
windows/browser/sonicwall_addrouteentry
2007-11-01
normal SonicWall SSL-VPN NetExtender Active
windows/browser/symantec_altirisdeployment_downloadandinstall 2009-09-09
excellent Symantec Altiris Deployment S
windows/browser/symantec_altirisdeployment_runcmd
2009-11-04
normal Symantec Altiris Deployment Solu
windows/browser/symantec_appstream_unsafe
2009-01-15
excellent Symantec AppStream LaunchObj Ac
windows/browser/symantec_backupexec_pvcalendar
2008-02-28
normal Symantec BackupExec Calendar
windows/browser/symantec_consoleutilities_browseandsavefile 2009-11-02
normal Symantec ConsoleUtilities Activ
windows/browser/synactis_connecttosynactis_bof
2013-05-30
normal Synactis PDF In-The-Box ConnectTo
windows/browser/systemrequirementslab_unsafe
2008-10-16
excellent Husdawg, LLC. System Requiremen
windows/browser/teechart_pro
2011-08-11
normal TeeChart Professional ActiveX Control Truste
windows/browser/tom_sawyer_tsgetx71ex552
2011-05-03
normal Tom Sawyer Software GET Extension
windows/browser/trendmicro_extsetowner
2010-08-25
normal Trend Micro Internet Security Pro 2010 A
windows/browser/trendmicro_officescan
2007-02-12
normal Trend Micro OfficeScan Client ActiveX Co
windows/browser/tumbleweed_filetransfer
2008-04-07
great
Tumbleweed FileTransfer vcst_eu.dll Activ
windows/browser/ubisoft_uplay_cmd_exec
2012-07-29
normal Ubisoft uplay 2.0.3 ActiveX Control Arb
windows/browser/ultramjcam_openfiledig_bof
2012-03-28
normal TRENDnet SecurView Internet Camera
Page 16

Sheet1

windows/browser/ultraoffice_httpupload
2008-08-27
good
Ultra Shareware Office Control ActiveX Http
windows/browser/verypdf_pdfview
2008-06-16
normal VeryPDF PDFView OCX ActiveX OpenPDF
windows/browser/viscom_movieplayer_drawtext
2010-01-12
normal Viscom Software Movie Player Pro S
windows/browser/vlc_amv
2011-03-23
good
VLC AMV Dangling Pointer Vulnerability
windows/browser/vlc_mms_bof
2012-03-15
normal VLC MMS Stream Handling Buffer Overflow
windows/browser/webdav_dll_hijacker
2010-08-18
manual WebDAV Application DLL Hijacker
windows/browser/webex_ucf_newobject
2008-08-06
good
WebEx UCF atucfobj.dll ActiveX NewOb
windows/browser/wellintech_kingscada_kxclientdownload
2014-01-14
good
KingScada kxClientDownload.ocx
windows/browser/winamp_playlist_unc
2006-01-29
great
Winamp Playlist UNC Path Computer Nam
windows/browser/winamp_ultravox
2008-01-18
normal Winamp Ultravox Streaming Metadata (in_
windows/browser/windvd7_applicationtype
2007-03-20
normal WinDVD7 IASystemInfo.DLL ActiveX Co
windows/browser/winzip_fileview
2007-11-02
normal WinZip FileView (WZFILEVIEW.FileViewCtrl
windows/browser/wmi_admintools
2010-12-21
great
Microsoft WMI Administration Tools ActiveX
windows/browser/x360_video_player_set_text_bof
2015-01-30
normal X360 VideoPlayer ActiveX Control B
windows/browser/xmplay_asx
2006-11-21
good
XMPlay 3.3.0.4 (ASX Filename) Buffer Overfl
windows/browser/yahoomessenger_fvcom
2007-08-30
normal Yahoo! Messenger YVerInfo.dll ActiveX
windows/browser/yahoomessenger_server
2007-06-05
good
Yahoo! Messenger 8.1.0.249 ActiveX C
windows/browser/zenturiprogramchecker_unsafe
2007-05-29
excellent Zenturi ProgramChecker ActiveX Co
windows/browser/zenworks_helplauncher_exec
2011-10-19
normal AdminStudio LaunchHelp.dll ActiveX
windows/dcerpc/ms03_026_dcom
2003-07-16
great
MS03-026 Microsoft RPC DCOM Interface
windows/dcerpc/ms05_017_msmq
2005-04-12
good
MS05-017 Microsoft Message Queueing
windows/dcerpc/ms07_029_msdns_zonename
2007-04-12
great
MS07-029 Microsoft DNS RPC Serv
windows/dcerpc/ms07_065_msmq
2007-12-11
good
MS07-065 Microsoft Message Queueing
windows/email/ms07_017_ani_loadimage_chunksize
2007-03-28
great
Windows ANI LoadAniIcon() Chunk
windows/email/ms10_045_outlook_ref_only
2010-06-01
excellent Outlook ATTACH_BY_REF_ONLY File
windows/email/ms10_045_outlook_ref_resolve
2010-06-01
excellent Outlook ATTACH_BY_REF_RESOLV
windows/emc/alphastor_agent
2008-05-27
great
EMC AlphaStor Agent Buffer Overflow
windows/emc/alphastor_device_manager_exec
2013-01-18
excellent EMC AlphaStor Device Manager Op
windows/emc/networker_format_string
2012-08-29
normal EMC Networker Format String
windows/emc/replication_manager_exec
2011-02-07
great
EMC Replication Manager Command Ex
windows/fileformat/a_pdf_wav_to_mp3
2010-08-17
normal A-PDF WAV to MP3 v1.0.0 Buffer Overflo
windows/fileformat/abbs_amp_lst
2013-06-30
normal ABBS Audio Media Player .LST Buffer Overf
windows/fileformat/acdsee_fotoslate_string
2011-09-12
good
ACDSee FotoSlate PLP File id Parameter
windows/fileformat/acdsee_xpm
2007-11-23
good
ACDSee XPM File Section Buffer Overflow
windows/fileformat/actfax_import_users_bof
2012-08-28
normal ActiveFax (ActFax) 4.3 Client Importer B
windows/fileformat/activepdf_webgrabber
2008-08-26
low
activePDF WebGrabber ActiveX Control Bu
windows/fileformat/adobe_collectemailinfo
2008-02-08
good
Adobe Collab.collectEmailInfo() Buffer Ove
windows/fileformat/adobe_cooltype_sing
2010-09-07
great
Adobe CoolType SING Table "uniqueName
windows/fileformat/adobe_flashplayer_button
2010-10-28
normal Adobe Flash Player "Button" Remote Co
windows/fileformat/adobe_flashplayer_newfunction
2010-06-04
normal Adobe Flash Player "newfunction" Inv
windows/fileformat/adobe_flatedecode_predictor02
2009-10-08
good
Adobe FlateDecode Stream Predictor
windows/fileformat/adobe_geticon
2009-03-24
good
Adobe Collab.getIcon() Buffer Overflow
windows/fileformat/adobe_illustrator_v14_eps
2009-12-03
great
Adobe Illustrator CS4 v14.0.0
windows/fileformat/adobe_jbig2decode
2009-02-19
good
Adobe JBIG2Decode Memory Corruption
windows/fileformat/adobe_libtiff
2010-02-16
good
Adobe Acrobat Bundled LibTIFF Integer Overflo
windows/fileformat/adobe_media_newplayer
2009-12-14
good
Adobe Doc.media.newPlayer Use After
windows/fileformat/adobe_pdf_embedded_exe
2010-03-29
excellent Adobe PDF Embedded EXE Social E
windows/fileformat/adobe_pdf_embedded_exe_nojs
2010-03-29
excellent Adobe PDF Escape EXE Social En
windows/fileformat/adobe_reader_u3d
2011-12-06
average Adobe Reader U3D Memory Corruption V
Page 17

Sheet1

windows/fileformat/adobe_toolbutton
2013-08-08
normal Adobe Reader ToolButton Use After Free
windows/fileformat/adobe_u3d_meshdecl
2009-10-13
good
Adobe U3D CLODProgressiveMeshDec
windows/fileformat/adobe_utilprintf
2008-02-08
good
Adobe util.printf() Buffer Overflow
windows/fileformat/allplayer_m3u_bof
2013-10-09
normal ALLPlayer M3U Buffer Overflow
windows/fileformat/altap_salamander_pdb
2007-06-19
good
Altap Salamander 2.5 PE Viewer Buffer O
windows/fileformat/aol_desktop_linktag
2011-01-31
normal AOL Desktop 9.6 RTX Buffer Overflow
windows/fileformat/aol_phobos_bof
2010-01-20
average AOL 9.5 Phobos.Playlist Import() Stack-bas
windows/fileformat/apple_quicktime_pnsize
2011-08-08
good
Apple QuickTime PICT PnSize Buffer Ov
windows/fileformat/apple_quicktime_rdrf
2013-05-22
normal Apple Quicktime 7 Invalid Atom Length Bu
windows/fileformat/apple_quicktime_texml
2012-05-15
normal Apple QuickTime TeXML Style Element S
windows/fileformat/audio_coder_m3u
2013-05-01
normal AudioCoder .M3U Buffer Overflow
windows/fileformat/audio_wkstn_pls
2009-12-08
good
Audio Workstation 6.4.2.4.3 pls Buffer Overf
windows/fileformat/audiotran_pls
2010-01-09
good
Audiotran 1.4.1 (PLS File) Stack Buffer Overfl
windows/fileformat/audiotran_pls_1424
2010-09-09
good
Audiotran PLS File Stack Buffer Overflow
windows/fileformat/aviosoft_plf_buf
2011-11-09
good
Aviosoft Digital TV Player Professional 1.0 Sta
windows/fileformat/bacnet_csv
2010-09-16
good
BACnet OPC Client Buffer Overflow
windows/fileformat/beetel_netconfig_ini_bof
2013-10-12
normal Beetel Connection Manager NetConfig.in
windows/fileformat/blazedvd_hdtv_bof
2012-04-03
normal BlazeVideo HDTV Player Pro v6.6 Filenam
windows/fileformat/blazedvd_plf
2009-08-03
good
BlazeDVD 6.1 PLF Buffer Overflow
windows/fileformat/bpftp_client_bps_bof
2014-07-24
normal BulletProof FTP Client BPS Buffer Overflo
windows/fileformat/bsplayer_m3u
2010-01-07
normal BS.Player 2.57 Buffer Overflow (Unicode SE
windows/fileformat/ca_cab
2007-06-05
good
CA Antivirus Engine CAB Buffer Overflow
windows/fileformat/cain_abel_4918_rdp
2008-11-30
good
Cain and Abel RDP Buffer Overflow
windows/fileformat/ccmplayer_m3u_bof
2011-11-30
good
CCMPlayer 1.5 m3u Playlist Stack Based
windows/fileformat/chasys_draw_ies_bmp_bof
2013-07-26
normal Chasys Draw IES Buffer Overflow
windows/fileformat/coolpdf_image_stream_bof
2013-01-18
normal Cool PDF Image Stream Buffer Overflo
windows/fileformat/corelpdf_fusion_bof
2013-07-08
normal Corel PDF Fusion Stack Buffer Overflow
windows/fileformat/csound_getnum_bof
2012-02-23
normal Csound hetro File Handling Stack Buffer
windows/fileformat/cutezip_bof
2011-02-12
normal GlobalSCAPE CuteZIP Stack Buffer Overflow
windows/fileformat/cyberlink_p2g_bof
2011-09-12
great
CyberLink Power2Go name Attribute (p2g) S
windows/fileformat/cytel_studio_cy3
2011-10-02
good
Cytel Studio 9.0 (CY3 File) Stack Buffer Ove
windows/fileformat/deepburner_path
2006-12-19
great
AstonSoft DeepBurner (DBR File) Path Buff
windows/fileformat/destinymediaplayer16
2009-01-03
good
Destiny Media Player 1.61 PLS M3U Buffe
windows/fileformat/digital_music_pad_pls
2010-09-17
normal Digital Music Pad Version 8.2.3.3.4 Stack
windows/fileformat/djstudio_pls_bof
2009-12-30
normal DJ Studio Pro 5.1 .pls Stack Buffer Overflow
windows/fileformat/djvu_imageurl
2008-10-30
low
DjVu DjVu_ActiveX_MSOffice.dll ActiveX Com
windows/fileformat/dvdx_plf_bof
2007-06-02
normal DVD X Player 5.5 .plf PlayList Buffer Overflow
windows/fileformat/easycdda_pls_bof
2010-06-07
normal Easy CD-DA Recorder PLS Buffer Overflow
windows/fileformat/emc_appextender_keyworks
2009-09-29
average EMC ApplicationXtender (KeyWorks
windows/fileformat/erdas_er_viewer_bof
2013-04-23
normal ERS Viewer 2011 ERS File Handling Buff
windows/fileformat/erdas_er_viewer_rf_report_error
2013-05-23
normal ERS Viewer 2013 ERS File Handling
windows/fileformat/esignal_styletemplate_bof
2011-09-06
normal eSignal and eSignal Pro File Parsing Bu
windows/fileformat/etrust_pestscan
2009-11-02
average CA eTrust PestPatrol ActiveX Control Buffer
windows/fileformat/ezip_wizard_bof
2009-03-09
good
eZip Wizard 3.0 Stack Buffer Overflow
windows/fileformat/fatplayer_wav
2010-10-18
normal Fat Player Media Player 0.6b0 Buffer Overflo
windows/fileformat/fdm_torrent
2009-02-02
good
Free Download Manager Torrent Parsing Buffe
windows/fileformat/feeddemon_opml
2009-02-09
great
FeedDemon Stack Buffer Overflow
windows/fileformat/foxit_reader_filewrite
2011-03-05
normal Foxit PDF Reader 4.2 Javascript File Write
windows/fileformat/foxit_reader_launch
2009-03-09
good
Foxit Reader 3.0 Open Execute Action Stac
Page 18

Sheet1

windows/fileformat/foxit_title_bof
2010-11-13
great
Foxit PDF Reader v4.1.1 Title Stack Buffer Over
windows/fileformat/free_mp3_ripper_wav
2011-08-27
great
Free MP3 CD Ripper 1.1 WAV File Stack
windows/fileformat/galan_fileformat_bof
2009-12-07
normal gAlan 0.2.1 Buffer Overflow
windows/fileformat/gsm_sim
2010-07-07
normal GSM SIM Editor 5.15 Buffer Overflow
windows/fileformat/gta_samp
2011-09-18
normal GTA SA-MP server.cfg Buffer Overflow
windows/fileformat/hhw_hhp_compiledfile_bof
2006-02-06
good
HTML Help Workshop 4.74 (hhp Projec
windows/fileformat/hhw_hhp_contentfile_bof
2006-02-06
good
HTML Help Workshop 4.74 (hhp Project
windows/fileformat/hhw_hhp_indexfile_bof
2009-01-17
good
HTML Help Workshop 4.74 (hhp Project F
windows/fileformat/ht_mp3player_ht3_bof
2009-06-29
good
HT-MP3Player 1.0 HT3 File Parsing Buffe
windows/fileformat/ibm_forms_viewer_fontname
2013-12-05
normal IBM Forms Viewer Unicode Buffer Ov
windows/fileformat/ibm_pcm_ws
2012-02-28
great
IBM Personal Communications iSeries Acces
windows/fileformat/icofx_bof
2013-12-10
normal IcoFX Stack Buffer Overflow
windows/fileformat/ideal_migration_ipj
2009-12-05
great
PointDev IDEAL Migration Buffer Overflow
windows/fileformat/iftp_schedule_bof
2014-11-06
normal i-FTP Schedule Buffer Overflow
windows/fileformat/irfanview_jpeg2000_bof
2012-01-16
normal Irfanview JPEG2000 jp2 Stack Buffer Ov
windows/fileformat/ispvm_xcf_ispxcf
2012-05-16
normal Lattice Semiconductor ispVM System XCF F
windows/fileformat/kingview_kingmess_kvl
2012-11-20
normal KingView Log File Parsing Buffer Overflo
windows/fileformat/lattice_pac_bof
2012-05-16
normal Lattice Semiconductor PAC-Designer 6.21 S
windows/fileformat/lotusnotes_lzh
2011-05-24
good
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Key
windows/fileformat/magix_musikmaker_16_mmm
2011-04-26
good
Magix Musik Maker 16 .mmm Stack
windows/fileformat/mcafee_hercules_deletesnapshot
2008-08-04
low
McAfee Remediation Client ActiveX C
windows/fileformat/mcafee_showreport_exec
2012-01-12
normal McAfee SaaS MyCioScan ShowRepor
windows/fileformat/mediacoder_m3u
2013-06-24
normal MediaCoder .M3U Buffer Overflow
windows/fileformat/mediajukebox
2009-07-01
normal Media Jukebox 8.0.400 Buffer Overflow (SE
windows/fileformat/microp_mppl
2010-08-23
great
MicroP 0.1.1.1600 (MPPL File) Stack Buffer O
windows/fileformat/millenium_mp3_pls
2009-07-30
great
Millenium MP3 Studio 2.0 (PLS File) Stack
windows/fileformat/mini_stream_pls_bof
2010-07-16
great
Mini-Stream RM-MP3 Converter v3.1.2.1 P
windows/fileformat/mjm_coreplayer2011_s3m
2011-04-30
good
MJM Core Player 2011 .s3m Stack Bu
windows/fileformat/mjm_quickplayer_s3m
2011-04-30
good
MJM QuickPlayer 1.00 Beta 60a / QuickP
windows/fileformat/moxa_mediadbplayback
2010-10-19
average MOXA MediaDBPlayback ActiveX Con
windows/fileformat/mplayer_m3u_bof
2011-03-19
average MPlayer Lite M3U Buffer Overflow
windows/fileformat/mplayer_sami_bof
2011-05-19
normal MPlayer SAMI Subtitle File Buffer Overflow
windows/fileformat/ms09_067_excel_featheader
2009-11-10
good
MS09-067 Microsoft Excel Malformed
windows/fileformat/ms10_004_textbytesatom
2010-02-09
good
MS10-004 Microsoft PowerPoint Viewe
windows/fileformat/ms10_038_excel_obj_bof
2010-06-08
normal MS11-038 Microsoft Office Excel Malfo
windows/fileformat/ms10_087_rtf_pfragments_bof
2010-11-09
great
MS10-087 Microsoft Word RTF pFrag
windows/fileformat/ms11_006_createsizeddibsection
2010-12-15
great
MS11-006 Microsoft Windows Create
windows/fileformat/ms11_021_xlb_bof
2011-08-09
normal MS11-021 Microsoft Office 2007 Excel .xl
windows/fileformat/ms12_005
2012-01-10
excellent MS12-005 Microsoft Office ClickOnce Unsafe
windows/fileformat/ms12_027_mscomctl_bof
2012-04-10
average MS12-027 MSCOMCTL ActiveX Buffe
windows/fileformat/ms13_071_theme
2013-09-10
excellent MS13-071 Microsoft Windows Theme File
windows/fileformat/ms14_017_rtf
2014-04-01
normal MS14-017 Microsoft Word RTF Object Conf
windows/fileformat/ms14_060_sandworm
2014-10-14
excellent MS14-060 Microsoft Windows OLE Pa
windows/fileformat/ms14_064_packager_python
2014-11-12
excellent MS14-064 Microsoft Windows OLE P
windows/fileformat/ms14_064_packager_run_as_admin
2014-10-21
excellent MS14-064 Microsoft Windows O
windows/fileformat/ms15_020_shortcut_icon_dllloader
2015-03-10
excellent Microsoft Windows Shell LNK Code
windows/fileformat/ms_visual_basic_vbp
2007-09-04
good
Microsoft Visual Basic VBP Buffer Overflo
windows/fileformat/mswin_tiff_overflow
2013-11-05
average MS13-096 Microsoft Tagged Image File Fo
windows/fileformat/msworks_wkspictureinterface
2008-11-28
low
Microsoft Works 7 WkImgSrv.dll WKsPi
Page 19

Sheet1

windows/fileformat/mymp3player_m3u
2010-03-18
good
Steinberg MyMP3Player 3.0 Buffer Overfl
windows/fileformat/netop
2011-04-28
normal NetOp Remote Control Client 9.5 Buffer Overflo
windows/fileformat/nuance_pdf_launch_overflow
2010-10-08
great
Nuance PDF Reader v6.0 Launch Stac
windows/fileformat/openoffice_ole
2008-04-17
normal OpenOffice OLE Importer DocumentSumma
windows/fileformat/orbit_download_failed_bof
2008-04-03
normal Orbit Downloader URL Unicode Convers
windows/fileformat/orbital_viewer_orb
2010-02-27
great
Orbital Viewer ORB File Parsing Buffer Over
windows/fileformat/ovf_format_string
2012-11-08
normal VMWare OVF Tools Format String Vulnerab
windows/fileformat/proshow_cellimage_bof
2009-08-20
great
ProShow Gold v4.0.2549 (PSH File) Stac
windows/fileformat/proshow_load_bof
2012-06-06
normal Photodex ProShow Producer 5.0.3256 loa
windows/fileformat/publishit_pui
2014-02-05
normal Publish-It PUI Buffer Overflow (SEH)
windows/fileformat/real_networks_netzip_bof
2011-01-30
good
Real Networks Netzip Classic 7.5.1 86 F
windows/fileformat/real_player_url_property_bof
2012-12-14
normal RealPlayer RealMedia File Handling Bu
windows/fileformat/realplayer_ver_attribute_bof
2013-12-20
normal RealNetworks RealPlayer Version Attribu
windows/fileformat/safenet_softremote_groupname
2009-10-30
good
SafeNet SoftRemote GROUPNAME
windows/fileformat/sascam_get
2008-12-29
low
SasCam Webcam Server v.2.6.5 Get() Method
windows/fileformat/scadaphone_zip
2011-09-12
good
ScadaTEC ScadaPhone Stack Buffer Overf
windows/fileformat/shadow_stream_recorder_bof
2010-03-29
normal Shadow Stream Recorder 3.0.1.7 Bu
windows/fileformat/somplplayer_m3u
2010-01-22
great
S.O.M.P.L 1.0 Player Buffer Overflow
windows/fileformat/subtitle_processor_m3u_bof
2011-04-26
normal Subtitle Processor 7.7.1 .M3U SEH Un
windows/fileformat/tfm_mmplayer_m3u_ppl_bof
2012-03-23
good
TFM MMPlayer (m3u/ppl File) Buffer O
windows/fileformat/total_video_player_ini_bof
2013-11-24
normal Total Video Player 1.3.1 (Settings.ini) - S
windows/fileformat/tugzip
2008-10-28
good
TugZip 3.5 Zip File Parsing Buffer Overflow Vulne
windows/fileformat/ultraiso_ccd
2009-04-03
great
UltraISO CCD File Parsing Buffer Overflow
windows/fileformat/ultraiso_cue
2007-05-24
great
UltraISO CUE File Parsing Buffer Overflow
windows/fileformat/ursoft_w32dasm
2005-01-24
good
URSoft W32Dasm Disassembler Function B
windows/fileformat/varicad_dwb
2010-03-17
great
VariCAD 2010-2.05 EN (DWB File) Stack Buff
windows/fileformat/videolan_tivo
2008-10-22
good
VideoLAN VLC TiVo Buffer Overflow
windows/fileformat/videospirit_visprj
2011-04-11
good
VeryTools Video Spirit Pro
windows/fileformat/visio_dxf_bof
2010-05-04
good
Microsoft Office Visio VISIODWG.DLL DXF Fil
windows/fileformat/visiwave_vwr_type
2011-05-20
great
VisiWave VWR File Parsing Vulnerability
windows/fileformat/vlc_modplug_s3m
2011-04-07
average VideoLAN VLC ModPlug ReadS3M Stack
windows/fileformat/vlc_realtext
2008-11-05
good
VLC Media Player RealText Subtitle Overflow
windows/fileformat/vlc_smb_uri
2009-06-24
great
VideoLAN Client (VLC) Win32 smb:// URI Buffe
windows/fileformat/vlc_webm
2011-01-31
good
VideoLAN VLC MKV Memory Corruption
windows/fileformat/vuplayer_cue
2009-08-18
good
VUPlayer CUE Buffer Overflow
windows/fileformat/vuplayer_m3u
2009-08-18
good
VUPlayer M3U Buffer Overflow
windows/fileformat/winamp_maki_bof
2009-05-20
normal Winamp MAKI Buffer Overflow
windows/fileformat/winrar_name_spoofing
2009-09-28
excellent WinRAR Filename Spoofing
windows/fileformat/wireshark_mpeg_overflow
2014-03-20
good
Wireshark wiretap/mpeg.c Stack Buffer
windows/fileformat/wireshark_packet_dect
2011-04-18
good
Wireshark packet-dect.c Stack Buffer Ove
windows/fileformat/wm_downloader_m3u
2010-07-28
normal WM Downloader 3.1.2.2 Buffer Overflo
windows/fileformat/xenorate_xpl_bof
2009-08-19
great
Xenorate 2.50 (.xpl) Universal Local Buffer O
windows/fileformat/xion_m3u_sehbof
2010-11-23
great
Xion Audio Player 1.0.126 Unicode Stack B
windows/fileformat/xradio_xrl_sehbof
2011-02-08
normal xRadio 0.95b Buffer Overflow
windows/fileformat/zinfaudioplayer221_pls
2004-09-24
good
Zinf Audio Player 2.2.1 (PLS File) Stack B
windows/firewall/blackice_pam_icq
2004-03-18
great
ISS PAM.dll ICQ Parser Buffer Overflow
windows/firewall/kerio_auth
2003-04-28
average Kerio Firewall 2.1.4 Authentication Packet Ove
windows/ftp/32bitftp_list_reply
2010-10-12
good
32bit FTP Client Stack Buffer Overflow
windows/ftp/3cdaemon_ftp_user
2005-01-04
average 3Com 3CDaemon 2.0 FTP Username Over
Page 20

Sheet1
windows/ftp/aasync_list_reply
windows/ftp/ability_server_stor
windows/ftp/absolute_ftp_list_bof
windows/ftp/cesarftp_mkd
windows/ftp/comsnd_ftpd_fmtstr
windows/ftp/dreamftp_format
windows/ftp/easyfilesharing_pass
windows/ftp/easyftp_cwd_fixret
windows/ftp/easyftp_list_fixret
windows/ftp/easyftp_mkd_fixret
windows/ftp/filecopa_list_overflow
windows/ftp/filewrangler_list_reply
windows/ftp/freefloatftp_user
windows/ftp/freefloatftp_wbem
windows/ftp/freeftpd_pass
windows/ftp/freeftpd_user
windows/ftp/ftpgetter_pwd_reply
windows/ftp/ftppad_list_reply
windows/ftp/ftpshell51_pwd_reply
windows/ftp/ftpsynch_list_reply
windows/ftp/gekkomgr_list_reply
windows/ftp/globalscapeftp_input
windows/ftp/goldenftp_pass_bof
windows/ftp/httpdx_tolog_format
windows/ftp/leapftp_list_reply
windows/ftp/leapftp_pasv_reply
windows/ftp/ms09_053_ftpd_nlst
windows/ftp/netterm_netftpd_user
windows/ftp/odin_list_reply
windows/ftp/open_ftpd_wbem
windows/ftp/oracle9i_xdb_ftp_pass
windows/ftp/oracle9i_xdb_ftp_unlock
windows/ftp/pcman_stor
windows/ftp/proftp_banner
windows/ftp/quickshare_traversal_write
windows/ftp/ricoh_dl_bof
windows/ftp/sami_ftpd_list
windows/ftp/sami_ftpd_user
windows/ftp/sasser_ftpd_port
windows/ftp/scriptftp_list
windows/ftp/seagull_list_reply
windows/ftp/servu_chmod
windows/ftp/servu_mdtm
windows/ftp/slimftpd_list_concat
windows/ftp/trellian_client_pasv
windows/ftp/turboftp_port
windows/ftp/vermillion_ftpd_port
windows/ftp/warftpd_165_pass
windows/ftp/warftpd_165_user

2010-10-12
good
AASync v2.2.1.0 (Win32) Stack Buffer Overflow
2004-10-22
normal Ability Server 2.34 STOR Command Stack Buf
2011-11-09
normal AbsoluteFTP 1.9.6 - 2.2.10 LIST Command R
2006-06-12
average Cesar FTP 0.99g MKD Command Buffer Over
2012-06-08
good
ComSndFTP v1.3.7 Beta USER Format Strin
2004-03-03
good
BolinTech Dream FTP Server 1.02 Format Stri
2006-07-31
average Easy File Sharing FTP Server 2.0 PASS Ov
2010-02-16
great
EasyFTP Server CWD Command Stack Buffer
2010-07-05
great
EasyFTP Server LIST Command Stack Buffer O
2010-04-04
great
EasyFTP Server MKD Command Stack Buffer
2006-07-19
average FileCopa FTP Server Pre 18 Jul Version
2010-10-12
good
FileWrangler 5.30 Stack Buffer Overflow
2012-06-12
normal Free Float FTP Server USER Command Buffer
2012-12-07
excellent FreeFloat FTP Server Arbitrary File Upload
2013-08-20
normal freeFTPd PASS Command Buffer Overflow
2005-11-16
average freeFTPd 1.0 Username Overflow
2010-10-12
good
FTPGetter Standard v3.55.0.05 Stack Buffer O
2010-10-12
good
FTPPad 1.2.0 Stack Buffer Overflow
2010-10-12
good
FTPShell 5.1 Stack Buffer Overflow
2010-10-12
good
FTP Synchronizer Professional 4.0.73.274 Stac
2010-10-12
good
Gekko Manager FTP Client Stack Buffer Over
2005-05-01
great
GlobalSCAPE Secure FTP Server Input Overf
2011-01-23
average GoldenFTP PASS Stack Buffer Overflow
2009-11-17
great
HTTPDX tolog() Function Format String Vulne
2010-10-12
good
LeapFTP 3.0.1 Stack Buffer Overflow
2003-06-09
normal LeapWare LeapFTP v2.7.3.600 PASV Reply
2009-08-31
great
MS09-053 Microsoft IIS FTP Server NLST Re
2005-04-26
great
NetTerm NetFTPD USER Buffer Overflow
2010-10-12
good
Odin Secure FTP 4.1 Stack Buffer Overflow (LIS
2012-06-18
excellent Open-FTPD 1.2 Arbitrary File Upload
2003-08-18
great
Oracle 9i XDB FTP PASS Overflow (win32)
2003-08-18
great
Oracle 9i XDB FTP UNLOCK Overflow (win3
2013-06-27
normal PCMAN FTP Server Post-Authentication STOR
2009-08-25
normal ProFTP 2.9 Banner Remote Buffer Overflow
2011-02-03
excellent QuickShare File Server 1.2.1 Directory Tra
2012-03-01
normal Ricoh DC DL-10 SR10 FTP USER Command Bu
2013-02-27
low
Sami FTP Server LIST Command Buffer Overflow
2006-01-24
normal KarjaSoft Sami FTP Server v2.02 USER Overf
2004-05-10
average Sasser Worm avserve FTP PORT Buffer Ove
2011-10-12
good
ScriptFTP LIST Remote Buffer Overflow
2010-10-12
good
Seagull FTP v3.3 Build 409 Stack Buffer Overflo
2004-12-31
normal Serv-U FTP Server Buffer Overflow
2004-02-26
good
Serv-U FTPD MDTM Overflow
2005-07-21
great
SlimFTPd LIST Concatenation Overflow
2010-04-11
normal Trellian FTP Client 3.01 PASV Remote Buffer O
2012-10-03
great
Turbo FTP Server 1.30.823 PORT Overflow
2009-09-23
great
Vermillion FTP Daemon PORT Command Mem
1998-03-19
average War-FTPD 1.65 Password Overflow
1998-03-19
average War-FTPD 1.65 Username Overflow
Page 21

Sheet1

windows/ftp/wftpd_size
2006-08-23
average Texas Imperial Software WFTPD 3.23 SIZE Ove
windows/ftp/wing_ftp_admin_exec
2014-06-19
normal Wing FTP Server Authenticated Command
windows/ftp/wsftp_server_503_mkd
2004-11-29
great
WS-FTP Server 5.03 MKD Overflow
windows/ftp/wsftp_server_505_xmd5
2006-09-14
average Ipswitch WS_FTP Server 5.05 XMD5 Ov
windows/ftp/xftp_client_pwd
2010-04-22
normal Xftp FTP Client 3.0 PWD Remote Buffer Overfl
windows/ftp/xlink_client
2009-10-03
normal Xlink FTP Client Buffer Overflow
windows/ftp/xlink_server
2009-10-03
good
Xlink FTP Server Buffer Overflow
windows/games/mohaa_getinfo
2004-07-17
great
Medal of Honor Allied Assault getinfo Stack B
windows/games/racer_503beta5
2008-08-10
great
Racer v0.5.3 Beta 5 Buffer Overflow
windows/games/ut2004_secure
2004-06-18
good
Unreal Tournament 2004 "secure" Overflow
windows/http/adobe_robohelper_authbypass
2009-09-23
excellent Adobe RoboHelp Server 8 Arbitrary Fi
windows/http/altn_securitygateway
2008-06-02
average Alt-N SecurityGateway username Buffer Ov
windows/http/altn_webadmin
2003-06-24
average Alt-N WebAdmin USER Buffer Overflow
windows/http/amlibweb_webquerydll_app
2010-08-03
normal Amlibweb NetOpacs webquery.dll Stack
windows/http/apache_chunked
2002-06-19
good
Apache Win32 Chunked Encoding
windows/http/apache_mod_rewrite_ldap
2006-07-28
great
Apache Module mod_rewrite LDAP Proto
windows/http/apache_modjk_overflow
2007-03-02
great
Apache mod_jk 1.2.20 Buffer Overflow
windows/http/avaya_ccr_imageupload_exec
2012-06-28
excellent Avaya IP Office Customer Call Reporte
windows/http/badblue_ext_overflow
2003-04-20
great
BadBlue 2.5 EXT.dll Buffer Overflow
windows/http/badblue_passthru
2007-12-10
great
BadBlue 2.72b PassThru Buffer Overflow
windows/http/bea_weblogic_jsessionid
2009-01-13
good
BEA WebLogic JSESSIONID Cookie Value
windows/http/bea_weblogic_post_bof
2008-07-17
great
Oracle Weblogic Apache Connector POST
windows/http/bea_weblogic_transfer_encoding
2008-09-09
great
BEA Weblogic Transfer-Encoding Buffe
windows/http/belkin_bulldog
2009-03-08
average Belkin Bulldog Plus Web Service Buffer Overfl
windows/http/ca_arcserve_rpc_authbypass
2011-07-25
excellent CA Arcserve D2D GWT RPC Credentia
windows/http/ca_igateway_debug
2005-10-06
average CA iTechnology iGateway Debug Mode Bu
windows/http/ca_totaldefense_regeneratereports
2011-04-13
excellent CA Total Defense Suite reGenerateRe
windows/http/cogent_datahub_command
2014-04-29
manual Cogent DataHub Command Injection
windows/http/cogent_datahub_request_headers_bof
2013-07-26
normal Cogent DataHub HTTP Server Buf
windows/http/coldfusion_fckeditor
2009-07-03
excellent ColdFusion 8.0.1 Arbitrary File Upload and E
windows/http/cyclope_ess_sqli
2012-08-08
excellent Cyclope Employee Surveillance Solution v6 S
windows/http/desktopcentral_file_upload
2013-11-11
excellent ManageEngine Desktop Central AgentLog
windows/http/desktopcentral_statusupdate_upload
2014-08-31
excellent ManageEngine Desktop Central Stat
windows/http/easyftp_list
2010-02-18
great
EasyFTP Server list.html path Stack Buffer Overfl
windows/http/edirectory_host
2006-10-21
great
Novell eDirectory NDS Server Host Header Ove
windows/http/edirectory_imonitor
2005-08-11
great
eDirectory 8.7.3 iMonitor Remote Stack Buffer
windows/http/efs_easychatserver_username
2007-08-14
great
EFS Easy Chat Server Authentication R
windows/http/efs_fmws_userid_bof
2014-05-20
normal Easy File Management Web Server Stack
windows/http/ektron_xslt_exec
2012-10-16
excellent Ektron 8.02 XSLT Transform Remote Code E
windows/http/ericom_access_now_bof
2014-06-02
normal Ericom AccessNow Server Buffer Overflo
windows/http/ezserver_http
2012-06-18
excellent EZHomeTech EzServer Stack Buffer Overflow
windows/http/fdm_auth_header
2009-02-02
great
Free Download Manager Remote Control Ser
windows/http/generic_http_dll_injection
2015-03-04
manual Generic Web Application DLL Injection
windows/http/hp_autopass_license_traversal
2014-01-10
great
HP AutoPass License Server File Upload
windows/http/hp_imc_bims_upload
2013-10-08
excellent HP Intelligent Management Center BIMS U
windows/http/hp_imc_mibfileupload
2013-03-07
great
HP Intelligent Management Center Arbitrary
windows/http/hp_loadrunner_copyfiletoserver
2013-10-30
excellent HP LoadRunner EmulationAdmin Web
windows/http/hp_mpa_job_acct
2011-12-21
excellent HP Managed Printing Administration jobAcc
windows/http/hp_nnm_getnnmdata_hostname
2010-05-11
great
HP OpenView Network Node Manage
Page 22

Sheet1

windows/http/hp_nnm_getnnmdata_icount
2010-05-11
great
HP OpenView Network Node Manager g
windows/http/hp_nnm_getnnmdata_maxage
2010-05-11
great
HP OpenView Network Node Manage
windows/http/hp_nnm_nnmrptconfig_nameparams
2011-01-10
normal HP OpenView NNM nnmRptConfig
windows/http/hp_nnm_nnmrptconfig_schdparams
2011-01-10
normal HP OpenView NNM nnmRptConfig
windows/http/hp_nnm_openview5
2007-12-06
great
HP OpenView Network Node Manager Ope
windows/http/hp_nnm_ovalarm_lang
2009-12-09
great
HP OpenView Network Node Manager ova
windows/http/hp_nnm_ovas
2008-04-02
good
HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre
windows/http/hp_nnm_ovbuildpath_textfile
2011-11-01
normal HP OpenView Network Node Manager o
windows/http/hp_nnm_ovwebhelp
2009-12-09
great
HP OpenView Network Node Manager OvW
windows/http/hp_nnm_ovwebsnmpsrv_main
2010-06-16
great
HP OpenView Network Node Manage
windows/http/hp_nnm_ovwebsnmpsrv_ovutil
2010-06-16
great
HP OpenView Network Node Manager
windows/http/hp_nnm_ovwebsnmpsrv_uro
2010-06-08
great
HP OpenView Network Node Manager
windows/http/hp_nnm_snmp
2009-12-09
great
HP OpenView Network Node Manager Snmp
windows/http/hp_nnm_snmpviewer_actapp
2010-05-11
great
HP OpenView Network Node Manager
windows/http/hp_nnm_toolbar_01
2009-01-07
great
HP OpenView Network Node Manager Toolb
windows/http/hp_nnm_toolbar_02
2009-01-21
normal HP OpenView Network Node Manager Too
windows/http/hp_nnm_webappmon_execvp
2010-07-20
great
HP OpenView Network Node Manage
windows/http/hp_nnm_webappmon_ovjavalocale
2010-08-03
great
HP NNM CGI webappmon.exe OvJa
windows/http/hp_openview_insight_backdoor
2011-01-31
excellent HP OpenView Performance Insight Se
windows/http/hp_pcm_snac_update_certificates
2013-09-09
excellent HP ProCurve Manager SNAC Update
windows/http/hp_pcm_snac_update_domain
2013-09-09
excellent HP ProCurve Manager SNAC Update
windows/http/hp_power_manager_filename
2011-10-19
normal HP Power Manager 'formExportDataLo
windows/http/hp_power_manager_login
2009-11-04
average Hewlett-Packard Power Manager Admin
windows/http/hp_sitescope_runomagentcommand
2013-07-29
manual HP SiteScope Remote Code Exec
windows/http/httpdx_handlepeer
2009-10-08
great
HTTPDX h_handlepeer() Function Buffer Ove
windows/http/httpdx_tolog_format
2009-11-17
great
HTTPDX tolog() Function Format String Vulne
windows/http/ia_webmail
2003-11-03
average IA WebMail 3.x Buffer Overflow
windows/http/ibm_tivoli_endpoint_bof
2011-05-31
good
IBM Tivoli Endpoint Manager POST Query B
windows/http/ibm_tpmfosd_overflow
2007-05-02
good
IBM TPM for OS Deployment 5.1.0.x rembo
windows/http/ibm_tsm_cad_header
2007-09-24
good
IBM Tivoli Storage Manager Express CAD
windows/http/icecast_header
2004-09-28
great
Icecast Header Overwrite
windows/http/integard_password_bof
2010-09-07
great
Race River Integard Home/Pro LoginAdmin
windows/http/intersystems_cache
2009-09-29
great
InterSystems Cache UtilConfigHome.csp Arg
windows/http/intrasrv_bof
2013-05-30
manual Intrasrv 1.0 Buffer Overflow
windows/http/ipswitch_wug_maincfgret
2004-08-25
great
Ipswitch WhatsUp Gold 8.03 Buffer Overflo
windows/http/jira_collector_traversal
2014-02-26
normal JIRA Issues Collector Directory Traversal
windows/http/kaseya_uploadimage_file_upload
2013-11-11
excellent Kaseya uploadImage Arbitrary File Up
windows/http/kolibri_http
2010-12-26
good
Kolibri HTTP Server HEAD Buffer Overflow
windows/http/landesk_thinkmanagement_upload_asp
2012-02-15
excellent LANDesk Lenovo ThinkManagem
windows/http/lexmark_markvision_gfd_upload
2014-12-09
excellent Lexmark MarkVision Enterprise Arbitra
windows/http/mailenable_auth_header
2005-04-24
great
MailEnable Authorization Header Buffer Ov
windows/http/manageengine_apps_mngr
2011-04-08
average ManageEngine Applications Manager
windows/http/maxdb_webdbm_database
2006-08-29
good
MaxDB WebDBM Database Parameter
windows/http/maxdb_webdbm_get_overflow
2005-04-26
good
MaxDB WebDBM GET Buffer Overflow
windows/http/mcafee_epolicy_source
2006-07-17
average McAfee ePolicy Orchestrator / ProtectionP
windows/http/mdaemon_worldclient_form2raw
2003-12-29
great
MDaemon WorldClient form2raw.cgi S
windows/http/minishare_get_overflow
2004-11-07
average Minishare 1.4.1 Buffer Overflow
windows/http/miniweb_upload_wbem
2013-04-09
excellent MiniWeb (Build 300) Arbitrary File Upload
windows/http/navicopa_get_overflow
2006-09-28
great
NaviCOPA 2.0.1 URL Handling Buffer Overf
Page 23

Sheet1

windows/http/netdecision_http_bof
2012-02-24
normal NetDecision 4.5.1 HTTP Server Buffer Over
windows/http/novell_imanager_upload
2010-10-01
excellent Novell iManager getMultiPartParameters
windows/http/novell_mdm_lfi
2013-03-13
normal Novell Zenworks Mobile Managment MDM.php
windows/http/novell_messenger_acceptlang
2006-04-13
average Novell Messenger Server 2.0 Accept-L
windows/http/nowsms
2008-02-19
good
Now SMS/MMS Gateway Buffer Overflow
windows/http/oracle9i_xdb_pass
2003-08-18
great
Oracle 9i XDB HTTP PASS Overflow (win32)
windows/http/oracle_btm_writetofile
2012-08-07
excellent Oracle Business Transaction Management F
windows/http/oracle_endeca_exec
2013-07-16
excellent Oracle Endeca Server Remote Command
windows/http/oracle_event_processing_upload
2014-04-21
excellent Oracle Event Processing FileUploadS
windows/http/osb_uname_jlist
2010-07-13
excellent Oracle Secure Backup Authentication Bypass
windows/http/peercast_url
2006-03-08
average PeerCast URL Handling Buffer Overflow
windows/http/php_apache_request_headers_bof
2012-05-08
normal PHP apache_request_headers Func
windows/http/privatewire_gateway
2006-06-26
average Private Wire Gateway Buffer Overflow
windows/http/psoproxy91_overflow
2004-02-20
average PSO Proxy v0.91 Stack Buffer Overflow
windows/http/rabidhamster_r4_log
2012-02-09
normal RabidHamster R4 Log Entry sprintf() Buffer
windows/http/rejetto_hfs_exec
2014-09-11
excellent Rejetto HttpFileServer Remote Command Exe
windows/http/sambar6_search_results
2003-06-21
normal Sambar 6 Search Results Buffer Overflow
windows/http/sap_configservlet_exec_noauth
2012-11-01
great
SAP ConfigServlet Remote Code Execu
windows/http/sap_host_control_cmd_exec
2012-08-14
average SAP NetWeaver HostControl Comman
windows/http/sapdb_webtools
2007-07-05
great
SAP DB 7.4 WebTools Buffer Overflow
windows/http/savant_31_overflow
2002-09-10
great
Savant 3.1 Web Server Overflow
windows/http/servu_session_cookie
2009-11-01
good
Rhinosoft Serv-U Session Cookie Buffer Ov
windows/http/shoutcast_format
2004-12-23
average SHOUTcast DNAS/win32 1.9.4 File Request
windows/http/shttpd_post
2006-10-06
average SHTTPD URI-Encoded POST Request Overflo
windows/http/solarwinds_fsm_userlogin
2015-03-13
excellent Solarwinds Firewall Security Manager 6.6
windows/http/solarwinds_storage_manager_sql
2011-12-07
excellent Solarwinds Storage Manager 5.1.0 SQ
windows/http/sonicwall_scrutinizer_sqli
2012-07-22
excellent Dell SonicWALL (Plixer) Scrutinizer 9 SQL I
windows/http/steamcast_useragent
2008-01-24
average Streamcast HTTP User-Agent Buffer Over
windows/http/sws_connection_bof
2012-07-20
normal Simple Web Server Connection Header Bu
windows/http/sybase_easerver
2005-07-25
average Sybase EAServer 5.2 Remote Stack Buffer
windows/http/sysax_create_folder
2012-07-29
normal Sysax Multi Server 5.64 Create Folder Buffe
windows/http/trackercam_phparg_overflow
2005-02-18
average TrackerCam PHP Argument Buffer Ove
windows/http/trackit_file_upload
2014-10-07
excellent Numara / BMC Track-It! FileStorageService Ar
windows/http/trendmicro_officescan
2007-06-28
good
Trend Micro OfficeScan Remote Stack Buffe
windows/http/ultraminihttp_bof
2013-07-10
normal Ultra Mini HTTPD Stack Buffer Overflow
windows/http/umbraco_upload_aspx
2012-06-28
excellent Umbraco CMS Remote Command Execu
windows/http/vmware_vcenter_chargeback_upload
2013-05-15
excellent VMware vCenter Chargeback Man
windows/http/webster_http
2002-12-02
average Webster HTTP Server GET Buffer Overflow
windows/http/xampp_webdav_upload_php
2012-01-14
excellent XAMPP WebDAV PHP Upload
windows/http/xitami_if_mod_since
2007-09-24
average Xitami 2.5c2 Web Server If-Modified-Since
windows/http/zenworks_assetmgmt_uploadservlet
2011-11-02
excellent Novell ZENworks Asset Managemen
windows/http/zenworks_uploadservlet
2010-03-30
excellent Novell ZENworks Configuration Managem
windows/iis/iis_webdav_upload_asp
1994-01-01
excellent Microsoft IIS WebDAV Write Access Code
windows/iis/ms01_023_printer
2001-05-01
good
MS01-023 Microsoft IIS 5.0 Printer Host Head
windows/iis/ms01_026_dbldecode
2001-05-15
excellent MS01-026 Microsoft IIS/PWS CGI Filenam
windows/iis/ms01_033_idq
2001-06-18
good
MS01-033 Microsoft IIS 5.0 IDQ Path Overflow
windows/iis/ms02_018_htr
2002-04-10
good
MS02-018 Microsoft IIS 4.0 .HTR Path Overflow
windows/iis/ms02_065_msadc
2002-11-20
normal MS02-065 Microsoft IIS MDAC msadcs.dll R
windows/iis/ms03_007_ntdll_webdav
2003-05-30
great
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.
Page 24

Sheet1

windows/iis/msadc
1998-07-17
excellent MS99-025 Microsoft IIS MDAC msadcs.dll RDS A
windows/imap/eudora_list
2005-12-20
great
Qualcomm WorldMail 3.0 IMAPD LIST Buffer Ov
windows/imap/imail_delete
2004-11-12
average IMail IMAP4D Delete Overflow
windows/imap/ipswitch_search
2007-07-18
average Ipswitch IMail IMAP SEARCH Buffer Overflo
windows/imap/mailenable_login
2006-12-11
great
MailEnable IMAPD (2.34/2.35) Login Request
windows/imap/mailenable_status
2005-07-13
great
MailEnable IMAPD (1.54) STATUS Request B
windows/imap/mailenable_w3c_select
2005-10-03
great
MailEnable IMAPD W3C Logging Buffer O
windows/imap/mdaemon_cram_md5
2004-11-12
great
Mdaemon 8.0.3 IMAPD CRAM-MD5 Aut
windows/imap/mdaemon_fetch
2008-03-13
great
MDaemon 9.6.4 IMAPD FETCH Buffer Over
windows/imap/mercur_imap_select_overflow
2006-03-17
average Mercur v5.0 IMAP SP3 SELECT Buffe
windows/imap/mercur_login
2006-03-17
average Mercur Messaging 2005 IMAP Login Buffer O
windows/imap/mercury_login
2007-03-06
average Mercury/32 LOGIN Buffer Overflow
windows/imap/mercury_rename
2004-11-29
average Mercury/32 v4.01a IMAP RENAME Buffer
windows/imap/novell_netmail_append
2006-12-23
average Novell NetMail IMAP APPEND Buffer Ov
windows/imap/novell_netmail_auth
2007-01-07
average Novell NetMail IMAP AUTHENTICATE Buf
windows/imap/novell_netmail_status
2005-11-18
average Novell NetMail IMAP STATUS Buffer Over
windows/imap/novell_netmail_subscribe
2006-12-23
average Novell NetMail IMAP SUBSCRIBE Buffe
windows/isapi/ms00_094_pbserver
2000-12-04
good
MS00-094 Microsoft IIS Phone Book Servic
windows/isapi/ms03_022_nsiislog_post
2003-06-25
good
MS03-022 Microsoft IIS ISAPI nsiislog.dll
windows/isapi/ms03_051_fp30reg_chunked
2003-11-11
good
MS03-051 Microsoft IIS ISAPI FrontPa
windows/isapi/rsa_webagent_redirect
2005-10-21
good
Microsoft IIS ISAPI RSA WebAgent Redirec
windows/isapi/w3who_query
2004-12-06
good
Microsoft IIS ISAPI w3who.dll Query String Ov
windows/ldap/imail_thc
2004-02-17
average IMail LDAP Service Buffer Overflow
windows/ldap/pgp_keyserver7
2001-07-16
good
Network Associates PGP KeyServer 7 LDAP
windows/license/calicclnt_getconfig
2005-03-02
average Computer Associates License Client GETCO
windows/license/calicserv_getconfig
2005-03-02
normal Computer Associates License Server GETC
windows/license/flexnet_lmgrd_bof
2012-03-23
normal FlexNet License Server Manager lmgrd Buff
windows/license/sentinel_lm7_udp
2005-03-07
average SentinelLM UDP Buffer Overflow
windows/local/adobe_sandbox_adobecollabsync
2013-05-14
great
AdobeCollabSync Buffer Overflow Ad
windows/local/agnitum_outpost_acs
2013-08-02
excellent Agnitum Outpost Internet Security Local Pr
windows/local/always_install_elevated
2010-03-18
excellent Windows AlwaysInstallElevated MSI
windows/local/ask
2012-01-03
excellent Windows Escalate UAC Execute RunAs
windows/local/bthpan
2014-07-18
average Microsoft Bluetooth Personal Area Networking (B
windows/local/bypassuac
2010-12-31
excellent Windows Escalate UAC Protection Bypass
windows/local/bypassuac_injection
2010-12-31
excellent Windows Escalate UAC Protection Bypass
windows/local/current_user_psexec
1999-01-01
excellent PsExec via Current User Token
windows/local/ikeext_service
2012-10-09
good
IKE and AuthIP IPsec Keyring Modules Service
windows/local/ipass_launch_app
2015-03-12
excellent iPass Mobile Client Service Privilege Escala
windows/local/lenovo_systemupdate
2015-04-12
excellent Lenovo System Update Privilege Escalatio
windows/local/mqac_write
2014-07-22
average MQAC.sys Arbitrary Write Privilege Escalation
windows/local/ms10_015_kitrap0d
2010-01-19
great
Windows SYSTEM Escalation via KiTrap0D
windows/local/ms10_092_schelevator
2010-09-13
excellent Windows Escalate Task Scheduler XML P
windows/local/ms11_080_afdjoinleaf
2011-11-30
average MS11-080 AfdJoinLeaf Privilege Escalatio
windows/local/ms13_005_hwnd_broadcast
2012-11-27
excellent MS13-005 HWND_BROADCAST Low
windows/local/ms13_053_schlamperei
2013-12-01
average Windows NTUserMessageCall Win32k K
windows/local/ms13_081_track_popup_menu
2013-10-08
average Windows TrackPopupMenuEx Win3
windows/local/ms13_097_ie_registry_symlink
2013-12-10
great
MS13-097 Registry Symlink IE Sandbox
windows/local/ms14_009_ie_dfsvc
2014-02-11
great
MS14-009 .NET Deployment Service IE San
windows/local/ms14_058_track_popup_menu
2014-10-14
normal Windows TrackPopupMenu Win32k
Page 25

Sheet1

windows/local/ms14_070_tcpip_ioctl
2014-11-11
average MS14-070 Windows tcpip!SetAddrOptions
windows/local/ms15_004_tswbproxy
2015-01-13
good
MS15-004 Microsoft Remote Desktop Ser
windows/local/ms15_051_client_copy_image
2015-05-12
normal Windows ClientCopyImage Win32k E
windows/local/ms_ndproxy
2013-11-27
average MS14-002 Microsoft Windows ndproxy.sys Lo
windows/local/novell_client_nicm
2013-05-22
average Novell Client 2 SP3 nicm.sys Local Privilege
windows/local/novell_client_nwfs
2008-06-26
average Novell Client 4.91 SP4 nwfs.sys Local Privile
windows/local/ntapphelpcachecontrol
2014-09-30
normal MS15-001 Microsoft Windows NtApphelpC
windows/local/nvidia_nvsvc
2012-12-25
average Nvidia (nvsvc) Display Driver Service Local Pri
windows/local/payload_inject
2011-10-12
excellent Windows Manage Memory Payload Injection
windows/local/persistence
2011-10-19
excellent Windows Persistent Registry Startup Payload In
windows/local/powershell_cmd_upgrade
1999-01-01
excellent Windows Command Shell Upgrade (Pow
windows/local/powershell_remoting
1999-01-01
excellent Powershell Remoting Remote Command E
windows/local/ppr_flatten_rec
2013-05-15
average Windows EPATHOBJ::pprFlattenRec Local Pr
windows/local/pxeexploit
2011-08-05
excellent PXE Exploit Server
windows/local/run_as
1999-01-01
normal Windows Run Command As User
windows/local/s4u_persistence
2013-01-02
excellent Windows Manage User Level Persistent Payl
windows/local/service_permissions
2012-10-15
great
Windows Escalate Service Permissions Loca
windows/local/trusted_service_path
2001-10-25
excellent Windows Service Trusted Path Privilege Es
windows/local/virtual_box_guest_additions
2014-07-15
average VirtualBox Guest Additions VBoxGuest.s
windows/local/virtual_box_opengl_escape
2014-03-11
average VirtualBox 3D Acceleration Virtual Mach
windows/local/vss_persistence
2011-10-21
excellent Persistent Payload in Windows Volume Shad
windows/local/wmi
1999-01-01
excellent Windows Management Instrumentation (WMI) Re
windows/lotus/domino_http_accept_language
2008-05-20
average IBM Lotus Domino Web Server Accep
windows/lotus/domino_icalendar_organizer
2010-09-14
normal IBM Lotus Domino iCalendar MAILTO B
windows/lotus/domino_sametime_stmux
2008-05-21
average IBM Lotus Domino Sametime STMux.e
windows/lotus/lotusnotes_lzh
2011-05-24
normal Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyv
windows/lpd/hummingbird_exceed
2005-05-27
average Hummingbird Connectivity 10 SP5 LPD B
windows/lpd/niprint
2003-11-05
good
NIPrint LPD Request Overflow
windows/lpd/saplpd
2008-02-04
good
SAP SAPLPD 6.28 Buffer Overflow
windows/lpd/wincomlpd_admin
2008-02-04
good
WinComLPD Buffer Overflow
windows/misc/achat_bof
2014-12-18
normal Achat Unicode SEH Buffer Overflow
windows/misc/actfax_raw_server_bof
2013-02-05
normal ActFax 5.01 RAW Server Buffer Overflow
windows/misc/agentxpp_receive_agentx
2010-04-16
good
AgentX++ Master AgentX::receive_agent
windows/misc/allmediaserver_bof
2012-07-04
normal ALLMediaServer 0.8 Buffer Overflow
windows/misc/altiris_ds_sqli
2008-05-15
normal Symantec Altiris DS SQL Injection
windows/misc/apple_quicktime_rtsp_response
2007-11-23
normal Apple QuickTime 7.3 RTSP Response
windows/misc/asus_dpcproxy_overflow
2008-03-21
average Asus Dpcproxy Buffer Overflow
windows/misc/avaya_winpmd_unihostrouter
2011-05-23
normal Avaya WinPMD UniteHostRouter Buffe
windows/misc/avidphoneticindexer
2011-11-29
normal Avid Media Composer 5.5 - Avid Phonetic In
windows/misc/bakbone_netvault_heap
2005-04-01
average BakBone NetVault Remote Heap Overflo
windows/misc/bcaaa_bof
2011-04-04
good
Blue Coat Authentication and Authorization Age
windows/misc/bigant_server
2008-04-15
average BigAnt Server 2.2 Buffer Overflow
windows/misc/bigant_server_250
2008-04-15
great
BigAnt Server 2.50 SP1 Buffer Overflow
windows/misc/bigant_server_dupf_upload
2013-01-09
excellent BigAnt Server DUPF Command Arbitrar
windows/misc/bigant_server_sch_dupf_bof
2013-01-09
normal BigAnt Server 2 SCH And DUPF Buffer
windows/misc/bigant_server_usv
2009-12-29
great
BigAnt Server 2.52 USV Buffer Overflow
windows/misc/bomberclone_overflow
2006-02-16
average Bomberclone 0.11.6 Buffer Overflow
windows/misc/bopup_comm
2009-06-18
good
Bopup Communications Server Buffer Overfl
windows/misc/borland_interbase
2007-07-24
average Borland Interbase Create-Request Buffer O
Page 26

Sheet1

windows/misc/borland_starteam
2008-04-02
average Borland CaliberRM StarTeam Multicast Ser
windows/misc/citrix_streamprocess
2011-01-20
good
Citrix Provisioning Services 5.6 streamproce
windows/misc/citrix_streamprocess_data_msg
2011-11-04
normal Citrix Provisioning Services 5.6 SP1 S
windows/misc/citrix_streamprocess_get_boot_record_request
2011-11-04
normal Citrix Provisioning Services 5.6
windows/misc/citrix_streamprocess_get_footer
2011-11-04
normal Citrix Provisioning Services 5.6 SP1 St
windows/misc/citrix_streamprocess_get_objects
2011-11-04
normal Citrix Provisioning Services 5.6 SP1 S
windows/misc/doubletake
2008-06-04
average DoubleTake/HP StorageWorks Storage Mirrori
windows/misc/eiqnetworks_esa
2006-07-24
average eIQNetworks ESA License Manager LICMG
windows/misc/eiqnetworks_esa_topology
2006-07-25
average eIQNetworks ESA Topology DELETEDE
windows/misc/enterasys_netsight_syslog_bof
2011-12-19
normal Enterasys NetSight nssyslogd.exe Buff
windows/misc/eureka_mail_err
2009-10-22
normal Eureka Email 2.2q ERR Remote Buffer Over
windows/misc/fb_cnct_group
2013-01-31
normal Firebird Relational Database CNCT Group Nu
windows/misc/fb_isc_attach_database
2007-10-03
average Firebird Relational Database isc_attach_
windows/misc/fb_isc_create_database
2007-10-03
average Firebird Relational Database isc_create_
windows/misc/fb_svc_attach
2007-10-03
average Firebird Relational Database SVC_attach() B
windows/misc/gimp_script_fu
2012-05-18
normal GIMP script-fu Server Buffer Overflow
windows/misc/hp_dataprotector_cmd_exec
2014-11-02
excellent HP Data Protector 8.10 Remote Comm
windows/misc/hp_dataprotector_crs
2013-06-03
normal HP Data Protector Cell Request Service Bu
windows/misc/hp_dataprotector_dtbclslogin
2010-09-09
normal HP Data Protector DtbClsLogin Buffer O
windows/misc/hp_dataprotector_exec_bar
2014-01-02
excellent HP Data Protector Backup Client Servic
windows/misc/hp_dataprotector_new_folder
2012-03-12
normal HP Data Protector Create New Folder B
windows/misc/hp_dataprotector_traversal
2014-01-02
great
HP Data Protector Backup Client Service D
windows/misc/hp_imc_uam
2012-08-29
normal HP Intelligent Management Center UAM Buff
windows/misc/hp_loadrunner_magentproc
2013-07-27
normal HP LoadRunner magentproc.exe Over
windows/misc/hp_magentservice
2012-01-12
average HP Diagnostics Server magentservice.exe
windows/misc/hp_omniinet_1
2009-12-17
great
HP OmniInet.exe MSG_PROTOCOL Buffer O
windows/misc/hp_omniinet_2
2009-12-17
great
HP OmniInet.exe MSG_PROTOCOL Buffer O
windows/misc/hp_omniinet_3
2011-06-29
great
HP OmniInet.exe Opcode 27 Buffer Overflow
windows/misc/hp_omniinet_4
2011-06-29
good
HP OmniInet.exe Opcode 20 Buffer Overflow
windows/misc/hp_operations_agent_coda_34
2012-07-09
normal HP Operations Agent Opcode coda.e
windows/misc/hp_operations_agent_coda_8c
2012-07-09
normal HP Operations Agent Opcode coda.e
windows/misc/hp_ovtrace
2007-08-09
average HP OpenView Operations OVTrace Buffer Ove
windows/misc/ib_isc_attach_database
2007-10-03
good
Borland InterBase isc_attach_database() B
windows/misc/ib_isc_create_database
2007-10-03
good
Borland InterBase isc_create_database()
windows/misc/ib_svc_attach
2007-10-03
good
Borland InterBase SVC_attach() Buffer Overflo
windows/misc/ibm_cognos_tm1admsd_bof
2012-04-02
normal IBM Cognos tm1admsd.exe Overflow
windows/misc/ibm_director_cim_dllinject
2009-03-10
excellent IBM System Director Agent DLL Injection
windows/misc/ibm_tsm_cad_ping
2009-11-04
good
IBM Tivoli Storage Manager Express CAD S
windows/misc/ibm_tsm_rca_dicugetidentify
2009-11-04
great
IBM Tivoli Storage Manager Express RCA
windows/misc/itunes_extm3u_bof
2012-06-21
normal Apple iTunes 10 Extended M3U Stack Buffe
windows/misc/landesk_aolnsrvr
2007-04-13
average LANDesk Management Suite 8.7 Alert Servi
windows/misc/lianja_db_net
2013-05-22
normal Lianja SQL 1.0.0RC5.1 db_netserver Stack Bu
windows/misc/mercury_phonebook
2005-12-19
average Mercury/32 PH Server Module Buffer Ove
windows/misc/mini_stream
2009-12-25
normal Mini-Stream 3.0.1.1 Buffer Overflow
windows/misc/mirc_privmsg_server
2008-10-02
normal mIRC PRIVMSG Handling Stack Buffer Ov
windows/misc/ms07_064_sami
2007-12-11
normal MS07-064 Microsoft DirectX DirectShow SA
windows/misc/ms10_104_sharepoint
2010-12-14
excellent MS10-104 Microsoft Office SharePoint S
windows/misc/netcat110_nt
2004-12-27
great
Netcat v1.10 NT Stack Buffer Overflow
windows/misc/nettransport
2010-01-02
normal NetTransport Download Manager 2.90.510 Buf
Page 27

Sheet1

windows/misc/nvidia_mental_ray
2013-12-10
excellent Nvidia Mental Ray Satellite Service Arbitrary
windows/misc/poisonivy_bof
2012-06-24
normal Poison Ivy Server Buffer Overflow
windows/misc/poppeeper_date
2009-02-27
normal POP Peeper v3.4 DATE Buffer Overflow
windows/misc/poppeeper_uidl
2009-02-27
normal POP Peeper v3.4 UIDL Buffer Overflow
windows/misc/realtek_playlist
2008-12-16
great
Realtek Media Player Playlist Buffer Overflow
windows/misc/sap_2005_license
2009-08-01
great
SAP Business One License Manager 2005 B
windows/misc/sap_netweaver_dispatcher
2012-05-08
normal SAP NetWeaver Dispatcher DiagTraceR
windows/misc/shixxnote_font
2004-10-04
great
ShixxNOTE 6.net Font Field Overflow
windows/misc/solidworks_workgroup_pdmwservice_file_write
2014-02-22
good
SolidWorks Workgroup PDM 201
windows/misc/splayer_content_type
2011-05-04
normal SPlayer 3.7 Content-Type Buffer Overflow
windows/misc/stream_down_bof
2011-12-27
good
CoCSoft StreamDown 6.8.0 Buffer Overflow
windows/misc/talkative_response
2009-03-17
normal Talkative IRC v0.4.4.16 Response Buffer Ov
windows/misc/tiny_identd_overflow
2007-05-14
average TinyIdentD 2.2 Stack Buffer Overflow
windows/misc/trendmicro_cmdprocessor_addtask
2011-12-07
good
TrendMicro Control Manger CmdPro
windows/misc/ufo_ai
2009-10-28
average UFO: Alien Invasion IRC Client Buffer Overflow
windows/misc/windows_rsh
2007-07-24
average Windows RSH Daemon Buffer Overflow
windows/misc/wireshark_lua
2011-07-18
excellent Wireshark console.lua Pre-Loading Script Exe
windows/misc/wireshark_packet_dect
2011-04-18
good
Wireshark packet-dect.c Stack Buffer Ove
windows/mmsp/ms10_025_wmss_connect_funnel
2010-04-13
great
Windows Media Services Connect
windows/motorola/timbuktu_fileupload
2008-05-10
excellent Timbuktu Pro Directory Traversal/File Uplo
windows/mssql/lyris_listmanager_weak_pass
2005-12-08
excellent Lyris ListManager MSDE Weak sa Pas
windows/mssql/ms02_039_slammer
2002-07-24
good
MS02-039 Microsoft SQL Server Resolut
windows/mssql/ms02_056_hello
2002-08-05
good
MS02-056 Microsoft SQL Server Hello Over
windows/mssql/ms09_004_sp_replwritetovarbin
2008-12-09
good
MS09-004 Microsoft SQL Server sp_r
windows/mssql/ms09_004_sp_replwritetovarbin_sqli
2008-12-09
excellent MS09-004 Microsoft SQL Server sp
windows/mssql/mssql_linkcrawler
2000-01-01
great
Microsoft SQL Server Database Link Crawlin
windows/mssql/mssql_payload
2000-05-30
excellent Microsoft SQL Server Payload Execution
windows/mssql/mssql_payload_sqli
2000-05-30
excellent Microsoft SQL Server Payload Execution v
windows/mysql/mysql_mof
2012-12-01
excellent Oracle MySQL for Microsoft Windows MOF E
windows/mysql/mysql_payload
2009-01-16
excellent Oracle MySQL for Microsoft Windows Paylo
windows/mysql/mysql_start_up
2012-12-01
excellent Oracle MySQL for Microsoft Windows FILE P
windows/mysql/mysql_yassl_hello
2008-01-04
average MySQL yaSSL SSL Hello Message Buffer O
windows/mysql/scrutinizer_upload_exec
2012-07-27
excellent Plixer Scrutinizer NetFlow and sFlow Ana
windows/nfs/xlink_nfsd
2006-11-06
average Omni-NFS Server Buffer Overflow
windows/nntp/ms05_030_nntp
2005-06-14
normal MS05-030 Microsoft Outlook Express NNTP
windows/novell/file_reporter_fsfui_upload
2012-11-16
great
NFR Agent FSFUI Record File Upload RCE
windows/novell/groupwisemessenger_client
2008-07-02
normal Novell GroupWise Messenger Client Bu
windows/novell/netiq_pum_eval
2012-11-15
excellent NetIQ Privileged User Manager 2.3.1 ldapag
windows/novell/nmap_stor
2006-12-23
average Novell NetMail NMAP STOR Buffer Overflow
windows/novell/zenworks_desktop_agent
2005-05-19
good
Novell ZENworks 6.5 Desktop/Server Ma
windows/novell/zenworks_preboot_op21_bof
2010-03-30
normal Novell ZENworks Configuration Manag
windows/novell/zenworks_preboot_op4c_bof
2012-02-22
normal Novell ZENworks Configuration Manag
windows/novell/zenworks_preboot_op6_bof
2010-03-30
normal Novell ZENworks Configuration Manag
windows/novell/zenworks_preboot_op6c_bof
2012-02-22
normal Novell ZENworks Configuration Manag
windows/oracle/client_system_analyzer_upload
2011-01-18
excellent Oracle Database Client System Analy
windows/oracle/extjob
2007-01-01
excellent Oracle Job Scheduler Named Pipe Command Ex
windows/oracle/osb_ndmp_auth
2009-01-14
good
Oracle Secure Backup NDMP_CONNECT_
windows/oracle/tns_arguments
2001-06-28
good
Oracle 8i TNS Listener (ARGUMENTS) Buffe
windows/oracle/tns_auth_sesskey
2009-10-20
great
Oracle 10gR2 TNS Listener AUTH_SESSKE
Page 28

Sheet1

windows/oracle/tns_service_name
2002-05-27
good
Oracle 8i TNS Listener SERVICE_NAME Bu
windows/pop3/seattlelab_pass
2003-05-07
great
Seattle Lab Mail 5.5 POP3 Buffer Overflow
windows/postgres/postgres_payload
2009-04-10
excellent PostgreSQL for Microsoft Windows Payloa
windows/proxy/bluecoat_winproxy_host
2005-01-05
great
Blue Coat WinProxy Host Header Overflow
windows/proxy/ccproxy_telnet_ping
2004-11-11
average CCProxy Telnet Proxy Ping Overflow
windows/proxy/proxypro_http_get
2004-02-23
great
Proxy-Pro Professional GateKeeper 4.7 GET
windows/proxy/qbik_wingate_wwwproxy
2006-06-07
good
Qbik WinGate WWW Proxy Server URL
windows/scada/abb_wserver_exec
2013-04-05
excellent ABB MicroSCADA wserver.exe Remote C
windows/scada/citect_scada_odbc
2008-06-11
normal CitectSCADA/CitectFacilities ODBC Buffer
windows/scada/codesys_gateway_server_traversal
2013-02-02
excellent SCADA 3S CoDeSys Gateway Serv
windows/scada/codesys_web_server
2011-12-02
normal SCADA 3S CoDeSys CmpWebServer St
windows/scada/daq_factory_bof
2011-09-13
good
DaqFactory HMI NETB Request Overflow
windows/scada/factorylink_csservice
2011-03-25
normal Siemens FactoryLink 8 CSService Logging
windows/scada/factorylink_vrn_09
2011-03-21
average Siemens FactoryLink vrn.exe Opcode 9 Bu
windows/scada/ge_proficy_cimplicity_gefebt
2014-01-23
excellent GE Proficy CIMPLICITY gefebt.exe Rem
windows/scada/iconics_genbroker
2011-03-21
good
Iconics GENESIS32 Integer Overflow Versio
windows/scada/iconics_webhmi_setactivexguid
2011-05-05
good
ICONICS WebHMI ActiveX Buffer Ove
windows/scada/igss9_igssdataserver_listall
2011-03-24
good
7-Technologies IGSS IGSSdataServer.exe
windows/scada/igss9_igssdataserver_rename
2011-03-24
normal 7-Technologies IGSS 9 IGSSdataServ
windows/scada/igss9_misc
2011-03-24
excellent 7-Technologies IGSS 9 Data Server/Collector
windows/scada/igss_exec_17
2011-03-21
excellent Interactive Graphical SCADA System Remot
windows/scada/indusoft_webstudio_exec
2011-11-04
excellent InduSoft Web Studio Arbitrary Upload R
windows/scada/moxa_mdmtool
2010-10-20
great
MOXA Device Manager Tool 2.1 Buffer Over
windows/scada/procyon_core_server
2011-09-08
normal Procyon Core Server HMI Coreservice.ex
windows/scada/realwin
2008-09-26
great
DATAC RealWin SCADA Server Buffer Overflow
windows/scada/realwin_on_fc_binfile_a
2011-03-21
great
DATAC RealWin SCADA Server 2 On_FC_
windows/scada/realwin_on_fcs_login
2011-03-21
great
RealWin SCADA Server DATAC Login Buffe
windows/scada/realwin_scpc_initialize
2010-10-15
great
DATAC RealWin SCADA Server SCPC_INIT
windows/scada/realwin_scpc_initialize_rf
2010-10-15
great
DATAC RealWin SCADA Server SCPC_INI
windows/scada/realwin_scpc_txtevent
2010-11-18
great
DATAC RealWin SCADA Server SCPC_TX
windows/scada/scadapro_cmdexe
2011-09-16
excellent Measuresoft ScadaPro Remote Comman
windows/scada/sunway_force_control_netdbsrv
2011-09-22
great
Sunway Forcecontrol SNMP NetDBSe
windows/scada/winlog_runtime
2011-01-13
great
Sielco Sistemi Winlog Buffer Overflow
windows/scada/winlog_runtime_2
2012-06-04
normal Sielco Sistemi Winlog Buffer Overflow 2.07
windows/scada/yokogawa_bkbcopyd_bof
2014-03-10
normal Yokogawa CENTUM CS 3000 BKBCop
windows/scada/yokogawa_bkesimmgr_bof
2014-03-10
normal Yokogawa CS3000 BKESimmgr.exe B
windows/scada/yokogawa_bkfsim_vhfd
2014-05-23
normal Yokogawa CS3000 BKFSim_vhfd.exe B
windows/scada/yokogawa_bkhodeq_bof
2014-03-10
average Yokogawa CENTUM CS 3000 BKHOd
windows/sip/aim_triton_cseq
2006-07-10
great
AIM Triton 1.0.4 CSeq Buffer Overflow
windows/sip/sipxezphone_cseq
2006-07-10
great
SIPfoundry sipXezPhone 0.35a CSeq Field O
windows/sip/sipxphone_cseq
2006-07-10
great
SIPfoundry sipXphone 2.6.0.27 CSeq Buffer O
windows/smb/generic_smb_dll_injection
2015-03-04
manual Generic DLL Injection From Shared Res
windows/smb/group_policy_startup
2015-01-26
manual Group Policy Script Execution From Share
windows/smb/ipass_pipe_exec
2015-01-21
excellent IPass Control Pipe Remote Command Exec
windows/smb/ms03_049_netapi
2003-11-11
good
MS03-049 Microsoft Workstation Service N
windows/smb/ms04_007_killbill
2004-02-10
low
MS04-007 Microsoft ASN.1 Library Bitstring He
windows/smb/ms04_011_lsass
2004-04-13
good
MS04-011 Microsoft LSASS Service DsRole
windows/smb/ms04_031_netdde
2004-10-12
good
MS04-031 Microsoft NetDDE Service Over
windows/smb/ms05_039_pnp
2005-08-09
good
MS05-039 Microsoft Plug and Play Service
Page 29

Sheet1

windows/smb/ms06_025_rasmans_reg
2006-06-13
good
MS06-025 Microsoft RRAS Service RAS
windows/smb/ms06_025_rras
2006-06-13
average MS06-025 Microsoft RRAS Service Overflo
windows/smb/ms06_040_netapi
2006-08-08
good
MS06-040 Microsoft Server Service NetpwP
windows/smb/ms06_066_nwapi
2006-11-14
good
MS06-066 Microsoft Services nwapi32.dll M
windows/smb/ms06_066_nwwks
2006-11-14
good
MS06-066 Microsoft Services nwwks.dll M
windows/smb/ms06_070_wkssvc
2006-11-14
manual MS06-070 Microsoft Workstation Service
windows/smb/ms07_029_msdns_zonename
2007-04-12
manual MS07-029 Microsoft DNS RPC Ser
windows/smb/ms08_067_netapi
2008-10-28
great
MS08-067 Microsoft Server Service Relative
windows/smb/ms09_050_smb2_negotiate_func_index
2009-09-07
good
MS09-050 Microsoft SRV2.SYS S
windows/smb/ms10_046_shortcut_icon_dllloader
2010-07-16
excellent Microsoft Windows Shell LNK Code
windows/smb/ms10_061_spoolss
2010-09-14
excellent MS10-061 Microsoft Print Spooler Service
windows/smb/ms15_020_shortcut_icon_dllloader
2015-03-10
excellent Microsoft Windows Shell LNK Code
windows/smb/netidentity_xtierrpcpipe
2009-04-06
great
Novell NetIdentity Agent XTIERRPCPIPE Na
windows/smb/psexec
1999-01-01
manual Microsoft Windows Authenticated User Code Ex
windows/smb/psexec_psh
1999-01-01
manual Microsoft Windows Authenticated Powershell
windows/smb/smb_relay
2001-03-31
excellent MS08-068 Microsoft Windows SMB Relay Cod
windows/smb/timbuktu_plughntcommand_bof
2009-06-25
great
Timbuktu PlughNTCommand Named
windows/smtp/mailcarrier_smtp_ehlo
2004-10-26
good
TABS MailCarrier v2.51 SMTP EHLO Over
windows/smtp/mercury_cram_md5
2007-08-18
great
Mercury Mail SMTP AUTH CRAM-MD5 Bu
windows/smtp/ms03_046_exchange2000_xexch50
2003-10-15
good
MS03-046 Exchange 2000 XEXC
windows/smtp/njstar_smtp_bof
2011-10-31
normal NJStar Communicator 3.00 MiniSMTP Buffe
windows/smtp/wmailserver
2005-07-11
average SoftiaCom WMailserver 1.0 Buffer Overflow
windows/smtp/ypops_overflow1
2004-09-27
average YPOPS 0.6 Buffer Overflow
windows/ssh/freeftpd_key_exchange
2006-05-12
average FreeFTPd 1.0.10 Key Exchange Algorithm
windows/ssh/freesshd_authbypass
2010-08-11
excellent Freesshd Authentication Bypass
windows/ssh/freesshd_key_exchange
2006-05-12
average FreeSSHd 1.0.9 Key Exchange Algorithm
windows/ssh/putty_msg_debug
2002-12-16
normal PuTTY Buffer Overflow
windows/ssh/securecrt_ssh1
2002-07-23
average SecureCRT SSH1 Buffer Overflow
windows/ssh/sysax_ssh_username
2012-02-27
normal Sysax 5.53 SSH Username Buffer Overflo
windows/ssl/ms04_011_pct
2004-04-13
average MS04-011 Microsoft Private Communications
windows/telnet/gamsoft_telsrv_username
2000-07-17
average GAMSoft TelSrv 1.5 Username Buffer O
windows/telnet/goodtech_telnet
2005-03-15
average GoodTech Telnet Server Buffer Overflow
windows/tftp/attftp_long_filename
2006-11-27
average Allied Telesyn TFTP Server 1.9 Long Filenam
windows/tftp/distinct_tftp_traversal
2012-04-08
excellent Distinct TFTP 3.10 Writable Directory Traversa
windows/tftp/dlink_long_filename
2007-03-12
good
D-Link TFTP 1.0 Long Filename Buffer Overfl
windows/tftp/futuresoft_transfermode
2005-05-31
average FutureSoft TFTP Server 2000 Transfer-Mo
windows/tftp/netdecision_tftp_traversal
2009-05-16
excellent NetDecision 4.2 TFTP Writable Directory Tr
windows/tftp/opentftp_error_code
2008-07-05
average OpenTFTP SP 1.4 Error Packet Overflow
windows/tftp/quick_tftp_pro_mode
2008-03-27
good
Quick FTP Pro 2.1 Transfer-Mode Overflow
windows/tftp/tftpd32_long_filename
2002-11-19
average TFTPD32 Long Filename Buffer Overflow
windows/tftp/tftpdwin_long_filename
2006-09-21
great
TFTPDWIN v0.4.2 Long Filename Buffer Ove
windows/tftp/tftpserver_wrq_bof
2008-03-26
normal TFTP Server for Windows 1.4 ST WRQ Buffe
windows/tftp/threectftpsvc_long_mode
2006-11-27
great
3CTftpSvc TFTP Long Mode Buffer Overflo
windows/unicenter/cam_log_security
2005-08-22
great
CA CAM log_security() Stack Buffer Overflo
windows/vnc/realvnc_client
2001-01-29
normal RealVNC 3.3.7 Client Buffer Overflow
windows/vnc/ultravnc_client
2006-04-04
normal UltraVNC 1.0.1 Client Buffer Overflow
windows/vnc/ultravnc_viewer_bof
2008-02-06
normal UltraVNC 1.0.2 Client (vncviewer.exe) Buffe
windows/vnc/winvnc_http_get
2001-01-29
average WinVNC Web Server GET Overflow
windows/vpn/safenet_ike_11
2009-06-01
average SafeNet SoftRemote IKE Service Buffer Ove
Page 30

Sheet1
windows/winrm/winrm_script_exec
windows/wins/ms04_045_wins

2012-11-01
2004-12-14

Page 31

manual WinRM Script Exec Remote Code Executi

great
MS04-045 Microsoft WINS Service Memory

Sheet1

Privilege Escalation
dar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow
pc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
Samsung Galaxy KNOX Android Browser RCE
Android Browser and WebView addJavascriptInterface Code Execution
dobe Reader for Android addJavascriptInterface Exploit
Towelroot' Futex Requeue Kernel Exploit
MobileSafari LibTIFF Buffer Overflow
S MobileMail LibTIFF Buffer Overflow
OS Default SSH Password Vulnerability
c SoftCart CGI Overflow
Derived /bin/login Extraneous Arguments Buffer Overflow
ec Shellcode from Privileged Javascript Shell
.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)
Address Space Manipulation Privilege Escalation
NetScaler SOAP Handler Remote Code Execution
ans2open Overflow (*BSD x86)
ACSD report() Buffer Overflow
D Telnet Service Encryption Key ID Buffer Overflow
D Command Execution
printer Command Execution
an Web Management Console Command Injection
obe Flash Player ActionScript Launch Command Execution Vulnerability
- 1.3.0 sreplace Buffer Overflow (Linux)
.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)
ournament 2004 "secure" Overflow (Linux)
ion FTA getStatus verify_oauth_token Command Execution
n-cgi Buffer Overflow
catel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution
OSSIM SQL Injection and Remote Code Execution
emote Code Execution
N750 login.cgi Buffer Overflow
SQL and Command Injection
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
HTTP Daemon Arbitrary Command Execution
authentication.cgi Buffer Overflow
D-Link Devices Unauthenticated Remote Command Execution
nk DIR-645 / DIR-815 diagnostic.php Command Execution
Devices Unauthenticated Remote Command Execution
DIR-605L Captcha Handling Buffer Overflow
DIR615h OS Command Injection
k info.cgi POST Request Buffer Overflow
edwig.cgi Buffer Overflow in Cookie Header
AP Request Remote Buffer Overflow
Page 32

Sheet1

Link Devices HNAP SOAPAction-Header Command Execution

k Devices UPnP SOAP Command Execution
ERP/CRM Post-Auth OS Command Injection
LI Webif Arbitrary Command Execution
rity Virtual Appliance learn-msg.cgi Command Injection
Remote Root Command Execution
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
Webcm Unauthenticated Command Injection
enticated Remote Command Execution
GPSD Format String Vulnerability
GroundWork monarch_scan.cgi OS Command Injection
System Management Anonymous Access Code Execution
jection and Remote Code Execution
UVC Authenticated RCE via Ping
T54 Access Point apply.cgi Buffer Overflow
ys E1500/E2500 apply.cgi Remote Command Injection
s E-Series TheMoon Remote Command Injection
ys Devices pingstr Remote Command Injection
sys WRT160nv2 apply.cgi Remote Command Injection
ys WRT54GL apply.cgi Command Execution
RENDnet NCC Service Command Injection
5 Arbitrary File Upload
etgear DGN1000B setup.cgi Remote Command Execution
Netgear DGN2200B pppoe.cgi Remote Command Execution
GEAR ReadyNAS Perl Code Evaluation
TTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
filer v2.x NetworkCard Command Execution
a FMS Remote Code Execution
FMS Default Credential / SQLi Remote Code Execution
RL Handling Buffer Overflow
eApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
p Mail-SeCure livelog.html Arbitrary Command Execution
App Mail-SeCure test_li_connection.php Arbitrary Command Execution
t Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
Raidsonic NAS Devices Unauthenticated Remote Command Execution

ealtek SDK Miniigd UPnP SOAP Command Execution

eagate Business NAS Unauthenticated Remote Command Execution
rmicro Onboard IPMI close_window.cgi Buffer Overflow
os Web Protection Appliance Interface Authenticated Arbitrary Command Execution
hos Web Protection Appliance sblistpack Arbitrary Command Execution
mantec Web Gateway 5.0.2.8 ipchange.php Command Injection
Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
antec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
ymantec Web Gateway 5 restore.php Post Authentication Command Injection
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
rris VAP2500 tools_command.php Command Execution
P File Upload and Execute
Page 33

Sheet1

lator v2.3 Command Execution

Calendar 1.2.4 Pre-Auth Remote Code Injection
nverter.php Remote PHP Code Injection
SQL Injection and Remote Code Execution
Load Balancer Filelog Command Execution
Zenoss 3 showDaemonXMLConfig Command Execution
Vault OSSIM av-centerd Command Injection
rifice Pre-Preprocessor Buffer Overflow
P Server LSUB Buffer Overflow
op Linux Password Stealer and Privilege Escalation
Management Homepage Local Privilege Escalation
al Privilege Escalation
Race Condition Privilege Escalation
el Sendpage Local Privilege Escalation
os Web Protection Appliance clear_keys.pl Local Privilege Escalation
etlink Local Privilege Escalation
Setuid vmware-mount Unsafe popen(3)
udo Local Privilege Escalation Exploit
n FTA MPIPE2 Command Execution
buted Ruby Send instance_eval/syscall Code Execution
ting Daemon) Postfix Buffer Overflow
DVR RTSP Request Remote Code Execution
Data Protector 6 EXEC_CMD Remote Code Execution
work Node Manager I PMD Buffer Overflow
geWorks P4000 Virtual SAN Appliance Login Buffer Overflow
pssd.py From Address Arbitrary Command Execution
erBase INET_connect() Buffer Overflow
d InterBase jrd8_create_database() Buffer Overflow
InterBase open_marker_file() Buffer Overflow
InterBase PWD_db_aliased() Buffer Overflow
se_syslog Remote Format String Vulnerability
oDB nativeHelper.apply Remote Code Execution
os Remote Plugin Executor Arbitrary Command Execution
Support Manager Agent Remote Buffer Overflow
l eDirectory 8 Buffer Overflow
Device Remote Code Execution
Server Arbitrary Command Execution
L yaSSL CertDecoder::GetName Buffer Overflow
aSSL SSL Hello Message Buffer Overflow
us IMAPD pop3d popsubfolders USER Buffer Overflow
eSQL for Linux Payload Execution
Negative Read Overflow
NTLM Authenticate Overflow
ain_reply Memory Corruption (Linux x86)
ba lsa_io_trans_names Heap Overflow
SetInformationPolicy AuditEventsInfo Heap Overflow
ns2open Overflow (Linux x86)
and Dovecot Insecure Configuration Command Injection
GHOST (glibc gethostbyname) Buffer Overflow
Page 34

Sheet1

agon FibeAir IP-10 SSH Private Key Exposure

G-IP SSH Private Key Exposure
Loadbalancer.org Enterprise VA SSH Private Key Exposure
antum DXi V1000 SSH Private Key Exposure
antum vmPRO Backdoor Command
tec Messaging Gateway 9.5 Default SSH Password Vulnerability
D-derived Telnet Service Encryption Key ID Buffer Overflow
ink Unauthenticated UPnP M-SEARCH Multicast Command Injection
PnPd 1.0 Stack Buffer Overflow Remote Code Execution
dobe Flash Player ByteArray Use After Free
obe Flash Player Nellymoser Audio Decoding Buffer Overflow
Adobe Flash Player NetConnection Type Confusion
Adobe Flash opaqueBackground Use After Free
obe Flash Player Shader Buffer Overflow
obe Flash Player Drawing Fill Shader Memory Corruption
dobe Flash Player ShaderJob Buffer Overflow
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
3.5 escape() Return Value Memory Corruption
ox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
ox Proxy Prototype Privileged Javascript Injection
location.QueryInterface() Code Execution
17.0.1 Flash Privileged Code Injection
efox toString console.time Privileged Javascript Injection
x WebIDL Privileged Javascript Injection
Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
X iTunes 8.1.1 ITMS Overflow
a AtomicReferenceArray Type Violation Vulnerability
Java Calendar Deserialization Privilege Escalation
Java JRE getSoundbank file:// URI Buffer Overflow
va Applet Driver Manager Privileged toString() Remote Code Execution
Applet Remote Code Execution
ent Java Applet AverageRangeStatisticImpl Remote Code Execution
pplet JAX-WS Remote Code Execution
Applet JMX Remote Code Execution
Applet JMX Remote Code Execution
va Applet Method Handle Remote Code Execution
a Applet ProviderSkeleton Insecure Invoke Method
a Applet Reflection Type Confusion Remote Code Execution
et Rhino Script Engine Remote Code Execution
a RMIConnectionImpl Deserialization Privilege Escalation
a JRE AWT setDiffICM Buffer Overflow
igned Applet Social Engineering Code Execution
oreImageArray() Invalid Array Indexing Vulnerability
tatement.invoke() Trusted Method Chain Privilege Escalation
Applet Field Bytecode Verifier Cache Remote Code Execution
a Suite/Firefox compareTo() Code Execution
a Suite/Firefox Navigator Object Code Execution
a 9 Configuration Overwrite
historysearch XSS
Page 35

Sheet1

Java toQTPointer() Arbitrary Memory Access

Search Dynamic Script Arbitrary Java Execution
ticSearch Search Groovy Sandbox Bypass
e U3D CLODProgressiveMeshDeclaration Array Overrun
script Injection for Eval-based Unpackers
aplet File Creation and Command Execution
Nodejs js-yaml load() Code Execution
aZip Zip Processing Command Injection
FTPd External Authentication Bash Environment Variable Code Injection
PD SITE EXEC/INDEX Format String Vulnerability
er Remote Payload Execution

ab "chat module" Remote PHP Code Injection Exploit

lorer checkInstall.php Remote Command Execution
pache mod_cgi Bash Environment Variable Code Injection
e Roller OGNL Injection
n CMF Arbitrary PHP File Upload Vulnerability
m RateMyPet Arbitrary File Upload Vulnerability
P BusinessObjects Authenticated Code Execution (via SOAP)
rime Data Center Network Manager Arbitrary File Upload
Fusion 9 Administrative Login Bypass
Filter Bash Environment Variable Code Injection
ow v2.11.2 Arbitrary File Upload Vulnerability
r (CasinoLoader) SQL Injection
HTTP Parameter Key/Value SQL Injection
ork Shutdown Module (sort_values) Remote PHP Code Injection
Engine Eventlog Analyzer Arbitrary File Upload
er v2.1 Arbitrary File Upload Vulnerability
Connections less.php Remote Command Execution
exec_raw.php Arbitrary Command Execution
emote Command Execution
ous Git and Mercurial HTTP Server For CVE-2014-9390
l Code Execution
rbitrary Command Execution
e GlassFish Server Authenticated Code Execution
word v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
php Remote Command Execution
3.3.12 Backdoor Arbitrary PHP Code Execution
iteScope issueSiebelCmd Remote Code Execution
SiteScope Remote Code Execution
stem Management Homepage JustGetSNMPQueue Command Injection
re Hyperic HQ Groovy Script-Console Java Execution
ig Authenticated Arbitrary PHP Code Execution
MX Console Beanshell Deployer WAR Upload and Deployment
s Java Class DeploymentFileRepository WAR Deployment
eploymentFileRepository WAR Deployment (via JMXInvokerServlet)
MX Console Deployer Upload and Execute
s Seam 2 File Upload and Execute
Script-Console Java Execution
Page 36

Sheet1

l EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability

S 3.0 eval() Remote Command Execution
CMS writeInfo() PHP Code Injection
anageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection
nageEngine Multiple Products Authenticated File Upload
ageEngine Security Manager Plus 5.5 Build 5505 SQL Injection
XmlImportExport Plugin PHP Code Injection Vulnerability
ki Thumb.php Remote Command Execution
eCartly 1.0 Arbitrary File Creation Vulnerability
Remote Command Execution
able Type 4.2x, 4.3x Web Upgrade Remote Code Execution
ny Remote Command Execution
e Arbitrary Remote Code Execution
SurgeFTP Remote Command Execution
.php Remote Command Execution
ome Remote Command Execution
e Admin Console Authentication Bypass
nMediaVault Cron Remote Command Execution
X Backdoor PHP Code Execution
ageEngine OpManager and Social IT Arbitrary File Upload
ms and Reports Remote Code Execution
ra FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability
I Argument Injection
Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
LDAPadmin query_engine Remote PHP Code Injection
oAdmin 1.1.2 Remote Code Execution
pMyAdmin 3.5.2.2 server_sync.php Backdoor
MyAdmin Authenticated Remote Code Execution via preg_replace()
heduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
ez Parameter Exec Remote Code Injection
Ploticus Remote Code Execution
Zope XMLTools Remote Command Execution
gelist.php Remote PHP Code Injection Exploit
ear CMS PHP File Upload Vulnerability
sMaker Open Source Authenticated PHP Code Execution
7 Arbitrary PHP File Upload Vulnerability
on Rails JSON Processor YAML Deserialization Code Execution
n Rails Known Secret Session Cookie Remote Code Execution
on Rails XML Processor YAML Deserialization Code Execution
cket Servergraph Admin Center fileRequestor Remote Code Execution
MS 1.0 Arbitrary File Upload Vulnerability
dent Tracker Remote Command Execution
rt nmap.php/nbtscan.php Remote Command Execution
olarWinds Storage Manager Authentication Bypass
WALL GMS 6 Arbitrary File Upload
Search Remote Code Execution
k Custom App Remote Code Execution
mmerce 0.60.1 Arbitrary Command Execution
commerce Arbitrary Command Execution
Page 37

Sheet1

ruts Remote Command Execution

che Struts ClassLoader Manipulation Remote Code Execution
Apache Struts Remote Command Execution
che Struts ParametersInterceptor Remote Code Execution
he Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Struts 2 Developer Mode OGNL Execution
Struts includeParams Remote Code Execution
L Web Shell Remote PHP Code Execution
L Web Shell Remote Code Execution
a System Web Server WebDAV OPTIONS Buffer Overflow
v1.9.3 Arbitrary File Upload Vulnerability
Tomcat Manager Application Deployer Authenticated Code Execution
Tomcat Manager Authenticated Upload Code Execution
ncp/common.php Remote Code Execution
Monitoring Station post2file.php Arbitrary File Upload
eb Shell Remote Code Execution
roc_deutf() Remote PHP Code Injection
ual Mining NetCharts Server Remote Code Execution
ll Unauthenticated Remote Command Execution
M v5.4.0/v5.3.0 Authenticated Remote Code Execution
RM SOAP AddEmailAttachment Arbitrary File Upload
PageTest Arbitrary PHP File Upload
iki 1.3.2 Spam Logging PHP Injection
2.0.5 lib/message.php preg_replace() PHP Code Execution
uthenticated Remote Command Execution
ent Novell ZENworks Configuration Management Arbitrary File Upload
ell ZENworks Configuration Management Remote Execution
E/RPC Preprocessor Buffer Overflow
Digital Arkeia Remote Code Execution
1.7 SVG Browser Java Code Execution
Data Protector EXEC_INTEGUTIL Remote Code Execution
geWorks P4000 Virtual SAN Appliance Command Execution
IndesignServer 5.5 SOAP Server Arbitrary Script Execution
ebug Wire Protocol Remote Code Execution
X Server Insecure Configuration Java Code Execution
Server Insecure Default Configuration Java Code Execution
OpenView OmniBack II Command Execution
ot pbot eval() Remote Code Execution
Client Automation Command Injection
PHP Bot PubCall Authentication Bypass Remote Code Execution
RITAS NetBackup Remote Command Execution
reshark LWRES Dissector getaddrsbyname_request Buffer Overflow
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
ver Java Bridge Arbitrary Java Code Execution
n readvar Buffer Overflow
P 4 unserialize() ZVAL Reference Counter Overflow (Cookie)
Describe Buffer Overflow
2 - 2.2.6 nttrans Buffer Overflow
"username map script" Command Execution
Page 38

Sheet1

SAP Management Console OSExecute Payload Execution

SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution
SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution

ode Execution
n Date Svnserve
ble UPnP SDK unique_service_name() Remote Code Execution
yboard Remote Code Execution
uthentication Remote TCP Stack Buffer Overflow
e Rapport Hagent Fake Hserver Command Execution
tWare LSASS CIFS.NLM Driver Stack Buffer Overflow
6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow
er LoginExt PathName Overflow
up Client Type 77 Overflow (Mac OS X)
Firefox 3.6.16 mChannel Use-After-Free
ari file:// Arbitrary Code Execution
ri Archive Metadata Command Execution
Safari User-Assisted Download and Run Attack
OS X Software Update Command Execution
pp Image Attachment Command Execution
R FTP Server USER Overflow
S X EvoCam HTTP GET Buffer Overflow
X IOKit Keyboard Driver Root Privilege Escalation
NFS Mount Privilege Escalation Exploit
ersistent Payload Installer
otpipe Privilege Escalation
nnelblick Privilege Escalation
etuid-set ViscosityHelper Privilege Escalation
OS X Sudo Password Bypass
X VMWare Fusion Privilege Escalation via Bash Environment Code Injection
X mDNSResponder UPnP Location Overflow
vasion IRC Client Buffer Overflow
OS X QuickTime RTSP Content-Type Overflow
mba lsa_io_trans_names Heap Overflow
ns2open Overflow (Mac OS X PPC)
cd Heap Overflow
PD Command Execution
mba lsa_io_trans_names Heap Overflow
ns2open Overflow (Solaris SPARC)
Solaris sadmind adm_build_path() Buffer Overflow
sadmind Command Execution
ypupdated Command Execution
lnet Remote Authentication Bypass Vulnerability
netd TTYPROMPT Buffer Overflow
t Bash Environment Variable Injection
PD-1.3.3c Backdoor Command Execution
PD 1.3.5 Mod_Copy Command Execution
D v2.3.4 Backdoor Command Execution
ontentKeeper Web Remote Command Execution
Page 39

Sheet1

Router 4200 and 4300 Command Execution

X 2.10.0 / 2.9.0 callmenum Remote Code Execution
om Command Injection
ebugenableplugins Remote Code Execution
MTurbo Operations Manager vmtadmin.cgi Remote Command Execution
alIRCD 3.2.8.1 Backdoor Command Execution

emon Command Execution

CONN Remote Command Execution Vulnerability
Assassin spamd Remote Command Execution
unction Printers (MFP) "Patch" DLM Vulnerability
Agent net.tcp.listen Command Injection
AV Milter Blackhole-Mode Remote Code Execution
string_format Function Heap Buffer Overflow
ray Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
a SSH USERAUTH Change Request Password Reset Vulnerability
ActualAnalyzer 'ant' Cookie Command Execution
ern Digital Arkeia Remote Code Execution
Stats configdir Remote Command Execution
Stats migrate Remote Command Execution
ats Totals multisort Remote Command Execution
acuda IMG.PL Remote Command Execution
E base_qry_common Remote File Include
.5.14 diff.php Arbitrary Command Execution
cti graph_view.php Remote Command Execution
akePHP Cache Corruption Code Execution
berp Web Panel C2 Backdoor Remote PHP Code Execution
trix Access Gateway Command Execution
Bucket Remote Code Execution
ermine Photo Gallery picEditor.php Command Execution
Life Engine preview.php PHP Code Injection
ood CRM spell.php Remote Command Execution
lery PHP File Upload Vulnerability
hChat Arbitrary File Upload
i MAKETEXT Remote Command Execution
PBX config.php Remote Code Execution
Web Application Unix Command Execution
GetSimpleCMS PHP File Upload Vulnerability
oogle Appliance ProxyStyleSheet Command Execution
hite Web Unsafe Pickle Handling
Wright guestbook.pl Arbitrary Command Execution
ail 2.1.1 RC1 Command Injection
lite CMS Arbitary File Upload Vulnerability
de Framework Unserialize PHP Code Execution
ybridAuth install.php PHP Code Execution
CMS 1.6 Remote PHP Code Execution
nvision IP.Board unserialize() PHP Code Execution
omla Akeeba Kickstart Unserialize Remote Code Execution
Joomla Component JCE File Upload Remote Code Execution
Page 40

Sheet1

oomla Media Manager File Upload Vulnerability

a 1.5.12 TinyBrowser File Upload Code Execution
9.2 'db_restore.php' SQL Injection
oCMS File Manager Arbitary File Upload Vulnerability
aarch LetterBox Unrestricted File Upload
bo Cache_Lite Class mosConfig_absolute_path Remote File Include
udio and Web Conferencing Command Injection
Moin twikidraw Action Traversal File Upload
1.6.4 Backdoor Arbitrary Command Execution
3 history.cgi Host Command Execution
gios3 statuswml.cgi Ping Command Execution
os XI Network Monitor Graph Explorer Component Command Injection
rcissus Image Configuration Passthru Vulnerability
pen Flash Chart v2 Arbitrary File Upload
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
enEMR PHP File Upload Vulnerability
penSIS 'modname' PHP Code Execution
HP Openview connectedNodes.ovpl Remote Command Execution
X banner-edit.php File Upload PHP Code Execution
e VM Server Virtual Server Agent Command Injection
Commerce 2.2 Arbitrary PHP Code Execution
X Remote Command Execution
Charts v1.0 PHP Code Execution Vulnerability
HP Code Evaluation
mote File Include Generic Code Execution
etin misc.php Template Name Arbitrary Code Execution
ML-RPC Arbitrary Code Execution
viewtopic.php Arbitrary Code Execution
MyAdmin Config File Code Injection
ect Pier Arbitrary File Upload Vulnerability
ojectSend Arbitrary File Upload
kTime Streaming Server parse_xml.cgi Remote Execution
mine SCM Repository Arbitrary Command Execution
al SQLi Remote Code Execution
t Simple E-Document Arbitrary File Upload
SixApart MovableType Storable Perl Code Execution
BlueCanvas CMS Remote Code Execution
e PHP Blog Remote Command Execution
connect Parameter PHP Injection
sh YAML Code Execution
rrelMail PGP Plugin Command Execution (SMTP)
garCRM unserialize() PHP Code Execution
iWiki tiki-graph_formula Remote PHP Code Execution
jhot Remote Command Execution
Wiki unserialize() PHP Code Execution
x langChoice PHP Local File Inclusion
ap PHP Unserialize Code Execution
ory TWikiUsers rev Parameter Command Execution
AKETEXT Remote Command Execution
Page 41

Sheet1

arch Function Arbitrary Command Execution

etin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
VICIdial Manager Send OS Command Injection
ebmin /file/show.cgi Remote Command Execution
ster 5.x Command Execution
rdPress Admin Shell Upload
t WordPress Plugin Advanced Custom Fields Remote File Inclusion
t WordPress Asset-Manager PHP File Upload Vulnerability
Wordpress Creative Contact Form Upload Vulnerability
Wordpress Download Manager (download-manager) Unauthenticated File Upload
WordPress WP EasyCart Unrestricted File Upload
dPress Plugin Foxypress uploadify.php Arbitrary Code Execution
Wordpress Front-end Editor File Upload
al WordPress Plugin Google Document Embedder Arbitrary File Disclosure
WordPress Holding Pattern Theme Arbitrary File Upload
t Wordpress InBoundio Marketing PHP Upload Vulnerability
dpress InfusionSoft Upload Vulnerability
Press cache_lastpostdate Arbitrary Code Execution
Wordpress N-Media Website Contact Form Upload Vulnerability
ordPress OptimizePress Theme File Upload Vulnerability
nt WordPress Photo Gallery Unrestricted File Upload
WordPress Pixabay Images PHP Code Upload
Press Platform Theme File Upload Vulnerability
ordPress WP-Property PHP File Upload Vulnerability
rdpress Reflex Gallery Upload Vulnerability
WordPress RevSlider File Upload and Execute Vulnerability
ordpress SlideShow Gallery Authenticated File Upload
WordPress WP Symposium 14.11 Shell Upload
dPress W3 Total Cache PHP Code Execution
rdpress Work The Flow Upload Vulnerability
nt WordPress WPshop eCommerce Arbitrary File Upload Vulnerability
rdpress WPTouch Authenticated File Upload
Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload
0.4.5 Arbitrary PHP File Upload Vulnerability
ell Remote Code Execution
laboration Server LFI
ZoneMinder Video Server packageControl Command Execution
anel 10.0.0.2 htpasswd Module Username Command Execution
tec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution
c System Center Alert Management System (xfr.exe) Arbitrary Command Execution
nt Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution
ec Alert Management System Intel Alert Originator Service Buffer Overflow
ntec Remote Management Buffer Overflow
lent Symantec Workspace Streaming ManagementAgentServer.putFile XMLRPC Request Arbitrary File Upload
nd Micro ServerProtect 5.58 Buffer Overflow
Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow
Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow
kup Client Type 77 Overflow (Win32)
Energizer DUO USB Battery Charger Arucer.dll Trojan Code Execution
Page 42

Sheet1

ritas Backup Exec Name Service Overflow

as Backup Exec Windows Remote Agent Overflow
mputer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow
ghtStor Discovery Service TCP Overflow
ightStor Discovery Service Stack Buffer Overflow
uter Associates Alert Notification Buffer Overflow
tStor HSM Buffer Overflow
Stor ARCserve for Laptops and Desktops LGServer Buffer Overflow
ghtStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow
ghtStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
ge CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow
A BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
htStor ARCserve License Service GCR NETWORK Buffer Overflow
BrightStor ArcServe Media Service Stack Buffer Overflow
BrightStor ARCserve Message Engine Buffer Overflow
A BrightStor ARCserve Message Engine 0x72 Buffer Overflow
CA BrightStor ARCserve Message Engine Heap Overflow
htStor Agent for Microsoft SQL Overflow
ghtStor ARCserve Tape Engine Buffer Overflow
BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
ightStor Universal Agent Overflow
be CoolType SING Table "uniqueName" Stack Buffer Overflow
obe Flash Player Integer Underflow Remote Code Execution
Adobe Flash Player casi32 Integer Overflow
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
Adobe Flash Player domainMemory ByteArray Use After Free
Adobe Flash Player Type Confusion Remote Code Execution
dobe Flash Player MP4 'cprt' Overflow
al Adobe Flash Player NetConnection Type Confusion
be Flash Player 11.3 Kern Table Parsing Integer Overflow
be Flash Player PCRE Regex Vulnerability
Adobe Flash Player Shader Buffer Overflow
Adobe Flash Player Regular Expression Heap Overflow
be Flash Player Object Type Confusion
be Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
d
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
Adobe Flash Player ByteArray With Workers Use After Free
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
dobe Flash Player AVM Bytecode Verification Vulnerability
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
Adobe Flash Player "newfunction" Invalid Pointer Use
Adobe FlateDecode Stream Predictor 02 Integer Overflow
Collab.getIcon() Buffer Overflow
be JBIG2Decode Heap Corruption
Adobe Doc.media.newPlayer Use After Free Vulnerability
Adobe Shockwave rcsL Memory Corruption
e Reader ToolButton Use After Free
util.printf() Buffer Overflow
Page 43

Sheet1

al Advantech WebAccess dvs.ocx GetColor Buffer Overflow

stant Messenger goaway Overflow
laddin Knowledge System Ltd ChooseFilePath Buffer Overflow
a Browser v11.0 'bdo' Tag Overflow
L Radio AmpX ActiveX Control ConvertFile() Buffer Overflow
merica Online ICQ ActiveX Control Arbitrary File Download and Execute
e ITunes 4.7 Playlist Buffer Overflow
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
le Quicktime 7 Invalid Atom Length Buffer Overflow
ple QuickTime 7.1.3 RTSP URI Buffer Overflow
Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
om Toolbar askBar.dll ActiveX Control Buffer Overflow
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
AtHocGov IWSAlerts ActiveX Control Buffer Overflow
esk IDrop ActiveX Control Heap Memory Corruption
cWALL Aventail epi.dll AuthCredential Format String
wingSoft Winds3D Player SceneURL Buffer Overflow
AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
mal BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow
Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow
Black Ice Cover Page ActiveX Control Arbitrary File Download
ent Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
A BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow
at Crypt ActiveX WriteFile Unsafe Method
isco AnyConnect VPN Client ActiveX URL Property Download and Execute
sco Linksys PlayerPT ActiveX Control Buffer Overflow
Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow
x Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
Rational ClearQuest CQOle Remote Code Execution
ommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow
Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow
ystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
ell Webcam CrazyTalk ActiveX BackImage Vulnerability
orldweaver DX Studio Player shell.execute() Command Execution
ectronic Arts SnoopyCtrl ActiveX Control Buffer Overflow
FlipViewer FViewerLoading ActiveX Control Buffer Overflow
t EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
EnjoySAP SAP GUI ActiveX Control Buffer Overflow
ebook Photo Uploader 4 ActiveX Control Buffer Overflow
oxit Reader Plugin URL Processing Buffer Overflow
GetGo Download Manager HTTP Response Buffer Overflow
Player ActiveX Control Buffer Overflow
n Dam URL Processing Buffer Overflow
nt Honeywell HSC Remote Deployer ActiveX Remote Code Execution
oneywell Tema Remote Installer ActiveX Remote Code Execution
mal HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
Page 44

Sheet1

at
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution
rsits XUpload ActiveX AddFile Buffer Overflow
P LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
P LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
Hyleos ChemView ActiveX Control Stack Buffer Overflow
SPSS SamplePower C1Tab ActiveX Heap Overflow
BM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow
M Access Support ActiveX Control Buffer Overflow
al IBM Lotus Domino Web Access Upload Module Buffer Overflow
-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability
S13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
-014 Microsoft Internet Explorer COM CreateObject Code Execution
S12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
crosoft Internet Explorer isComponentInstalled Overflow
MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free
osoft Internet Explorer Unsafe Scripting Misconfiguration
Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
l InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
M Lotus iNotes dwa85W ActiveX Buffer Overflow
uest InTrust Annotation Objects Uninitialized Pointer
n Java Web Start BasicServiceImpl Code Execution
MM Remote Code Execution
n Java Applet2ClassLoader Remote Code Execution
Java Runtime New Plugin docbase Buffer Overflow
a MixerSequencer Object GM_Song Structure Handling Vulnerability
un Java Web Start Plugin Command Line Argument Injection
un Java Web Start Double Quote Injection
Java Web Start Plugin Command Line Argument Injection
uniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
aa Altnet Download Manager ActiveX Control Buffer Overflow
KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability
ech VideoCall ActiveX Control Buffer Overflow
dia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow
Macrovision InstallShield Update Service Buffer Overflow
crovision InstallShield Update Service ActiveX Unsafe Method
Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution
xthon3 about:history XCS Trusted Zone Code Execution
McAfee Subscription Manager Stack Buffer Overflow
Afee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
McAfee Visual Trace ActiveX Control Buffer Overflow
RC URL Buffer Overflow
irefox 8/9 AttributeChildRemoved() Use-After-Free
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
efox XMLSerializer Use After Free
ozilla Firefox Interleaved document.write/appendChild Memory Corruption
illa Firefox 3.6.16 mChannel Use-After-Free Vulnerability
efox nsSVGValue Out-of-Bounds Access Vulnerability
Page 45

Sheet1

illa Firefox "nsTreeRange" Dangling Pointer Vulnerability

lla Firefox Array.reduceRight() Integer Overflow
MS03-020 Microsoft Internet Explorer Object Type
05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
MS06-013 Microsoft Internet Explorer createTextRange() Code Execution
MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow
S06-067 Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability
S06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling
t
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download
Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow
al Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow
MS08-078 Microsoft Internet Explorer Data Binding Memory Corruption
MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
Microsoft OWC Spreadsheet HTMLURL Buffer Overflow
Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption
S09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption
10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
S10-002 Microsoft Internet Explorer Object Memory Use-After-Free
MS10-018 Microsoft Internet Explorer DHTML Behaviors Use After Free
MS10-018 Microsoft Internet Explorer Tabular Data Control ActiveX Memory Corruption
MS10-022 Microsoft Internet Explorer Winhlp32.exe MsgBox Code Execution
MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
ent Microsoft Help Center XSS and Command Execution
nt Microsoft Windows Shell LNK Code Execution
S10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption
MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free
al MS11-050 IE mshtml!CObjectElement Use After Free
11-081 Microsoft Internet Explorer Option Element Use-After-Free
11-093 Microsoft Windows OLE Object File Handling Remote Code Execution
2-004 midiOutPlayNextPolyEvent Heap Overflow
S12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
S12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
S13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
13-069 Microsoft Internet Explorer CCaret Use-After-Free
MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
S14-012 Microsoft Internet Explorer TextRange Use-After-Free
MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution
osoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow
MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption
Page 46

Sheet1

NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow

on AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
tec Norton Internet Security 2004 ActiveX Control Buffer Overflow
BM Lotus Notes Client URL Handler Command Injection
Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
ell iPrint Client ActiveX Control call-back-url Buffer Overflow
iPrint Client ActiveX Control Date/Time Buffer Overflow
ovell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow
Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow
vell iPrint Client ActiveX Control Buffer Overflow
ovell iPrint Client ActiveX Control Buffer Overflow
ell iPrint Client ActiveX Control target-frame Buffer Overflow
R ActiveX Control Check() Method Buffer Overflow
TR ActiveX Control StopModule() Remote Code Execution
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
Oracle Document Capture 10g ActiveX Control Buffer Overflow
ent Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Downloader Connecting Log Creation Buffer Overflow
Ware OVF Tools Format String Vulnerability
10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability
ersits XUpload ActiveX MakeHttpRequest Directory Traversal
otus QuickR qp2 ActiveX Buffer Overflow
al Networks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
Networks RealPlayer CDDA URI Initialization Vulnerability
Player rmoc3260.dll ActiveX Control Heap Corruption
Player ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
Networks Realplayer QCP Parsing Heap Overflow
etworks RealPlayer SMIL Buffer Overflow
CinePlayer ActiveX Control Buffer Overflow
Safari Webkit libxslt Arbitrary File Creation
mal Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow
SAP AG SAPgui EAI WebViewer3D Buffer Overflow
Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution
oftArtisans XFile FileManager ActiveX Control Buffer Overflow
nicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow
cellent Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
l Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
t Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute
al Symantec BackupExec Calendar Control Buffer Overflow
mal Symantec ConsoleUtilities ActiveX Control Buffer Overflow
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
t Husdawg, LLC. System Requirements Lab ActiveX Unsafe Method
art Professional ActiveX Control Trusted Integer Dereference
Tom Sawyer Software GET Extension Factory Remote Code Execution
end Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution
nd Micro OfficeScan Client ActiveX Control Buffer Overflow
mbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow
Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow
Page 47

Sheet1

Shareware Office Control ActiveX HttpUpload Buffer Overflow

PDF PDFView OCX ActiveX OpenPDF Heap Overflow
Viscom Software Movie Player Pro SDK ActiveX 6.8
V Dangling Pointer Vulnerability
MMS Stream Handling Buffer Overflow
bDAV Application DLL Hijacker
ebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
KingScada kxClientDownload.ocx ActiveX Remote Code Execution
amp Playlist UNC Path Computer Name Overflow
amp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
inDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow
FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow
soft WMI Administration Tools ActiveX Buffer Overflow
X360 VideoPlayer ActiveX Control Buffer Overflow
y 3.3.0.4 (ASX Filename) Buffer Overflow
Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
ahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow
Zenturi ProgramChecker ActiveX Control Arbitrary File Download
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
3-026 Microsoft RPC DCOM Interface Overflow
05-017 Microsoft Message Queueing Service Path Overflow
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)
07-065 Microsoft Message Queueing Service DNS Name Path Overflow
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
Outlook ATTACH_BY_REF_ONLY File Execution
Outlook ATTACH_BY_REF_RESOLVE File Execution
phaStor Agent Buffer Overflow
t EMC AlphaStor Device Manager Opcode 0x75 Command Injection
C Networker Format String
C Replication Manager Command Execution
PDF WAV to MP3 v1.0.0 Buffer Overflow
Audio Media Player .LST Buffer Overflow
DSee FotoSlate PLP File id Parameter Overflow
ee XPM File Section Buffer Overflow
tiveFax (ActFax) 4.3 Client Importer Buffer Overflow
ePDF WebGrabber ActiveX Control Buffer Overflow
be Collab.collectEmailInfo() Buffer Overflow
be CoolType SING Table "uniqueName" Stack Buffer Overflow
dobe Flash Player "Button" Remote Code Execution
Adobe Flash Player "newfunction" Invalid Pointer Use
Adobe FlateDecode Stream Predictor 02 Integer Overflow
Collab.getIcon() Buffer Overflow
obe Illustrator CS4 v14.0.0
be JBIG2Decode Memory Corruption
robat Bundled LibTIFF Integer Overflow
dobe Doc.media.newPlayer Use After Free Vulnerability
Adobe PDF Embedded EXE Social Engineering
nt Adobe PDF Escape EXE Social Engineering (No JavaScript)
obe Reader U3D Memory Corruption Vulnerability
Page 48

Sheet1

e Reader ToolButton Use After Free

obe U3D CLODProgressiveMeshDeclaration Array Overrun
til.printf() Buffer Overflow
Player M3U Buffer Overflow
ap Salamander 2.5 PE Viewer Buffer Overflow
Desktop 9.6 RTX Buffer Overflow
9.5 Phobos.Playlist Import() Stack-based Buffer Overflow
ple QuickTime PICT PnSize Buffer Overflow
e Quicktime 7 Invalid Atom Length Buffer Overflow
ple QuickTime TeXML Style Element Stack Buffer Overflow
oCoder .M3U Buffer Overflow
Workstation 6.4.2.4.3 pls Buffer Overflow
n 1.4.1 (PLS File) Stack Buffer Overflow
otran PLS File Stack Buffer Overflow
Digital TV Player Professional 1.0 Stack Buffer Overflow
OPC Client Buffer Overflow
etel Connection Manager NetConfig.ini Buffer Overflow
eVideo HDTV Player Pro v6.6 Filename Handling Vulnerability
VD 6.1 PLF Buffer Overflow
etProof FTP Client BPS Buffer Overflow
ayer 2.57 Buffer Overflow (Unicode SEH)
us Engine CAB Buffer Overflow
n and Abel RDP Buffer Overflow
MPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
Chasys Draw IES Buffer Overflow
Cool PDF Image Stream Buffer Overflow
l PDF Fusion Stack Buffer Overflow
ound hetro File Handling Stack Buffer Overflow
CAPE CuteZIP Stack Buffer Overflow
Link Power2Go name Attribute (p2g) Stack Buffer Overflow Exploit
Studio 9.0 (CY3 File) Stack Buffer Overflow
Soft DeepBurner (DBR File) Path Buffer Overflow
tiny Media Player 1.61 PLS M3U Buffer Overflow
tal Music Pad Version 8.2.3.3.4 Stack Buffer Overflow
dio Pro 5.1 .pls Stack Buffer Overflow
Vu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow
Player 5.5 .plf PlayList Buffer Overflow
y CD-DA Recorder PLS Buffer Overflow
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
S Viewer 2011 ERS File Handling Buffer Overflow
ERS Viewer 2013 ERS File Handling Buffer Overflow
Signal and eSignal Pro File Parsing Buffer Overflow in QUO
Trust PestPatrol ActiveX Control Buffer Overflow
Wizard 3.0 Stack Buffer Overflow
yer Media Player 0.6b0 Buffer Overflow
wnload Manager Torrent Parsing Buffer Overflow
Demon Stack Buffer Overflow
PDF Reader 4.2 Javascript File Write
Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Page 49

Sheet1

Reader v4.1.1 Title Stack Buffer Overflow

e MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
n 0.2.1 Buffer Overflow
M Editor 5.15 Buffer Overflow
-MP server.cfg Buffer Overflow
TML Help Workshop 4.74 (hhp Project File) Buffer Overflow
ML Help Workshop 4.74 (hhp Project File) Buffer Overflow
ML Help Workshop 4.74 (hhp Project File) Buffer Overflow
MP3Player 1.0 HT3 File Parsing Buffer Overflow
IBM Forms Viewer Unicode Buffer Overflow
rsonal Communications iSeries Access WorkStation 5.9 Profile
ack Buffer Overflow
ev IDEAL Migration Buffer Overflow
Schedule Buffer Overflow
anview JPEG2000 jp2 Stack Buffer Overflow
e Semiconductor ispVM System XCF File Handling Overflow
ngView Log File Parsing Buffer Overflow
Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow
otes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
Magix Musik Maker 16 .mmm Stack Buffer Overflow
McAfee Remediation Client ActiveX Control Buffer Overflow
McAfee SaaS MyCioScan ShowReport Remote Command Execution
iaCoder .M3U Buffer Overflow
Jukebox 8.0.400 Buffer Overflow (SEH)
0.1.1.1600 (MPPL File) Stack Buffer Overflow
nium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow
Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
MJM Core Player 2011 .s3m Stack Buffer Overflow
M QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow
MOXA MediaDBPlayback ActiveX Control Buffer Overflow
ayer Lite M3U Buffer Overflow
ayer SAMI Subtitle File Buffer Overflow
MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability
MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)
MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
MS12-027 MSCOMCTL ActiveX Buffer Overflow
13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution
017 Microsoft Word RTF Object Confusion
MS14-060 Microsoft Windows OLE Package Manager Code Execution
MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
lent MS14-064 Microsoft Windows OLE Package Manager Code Execution
t Microsoft Windows Shell LNK Code Execution
osoft Visual Basic VBP Buffer Overflow
3-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
icrosoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution
Page 50

Sheet1

nberg MyMP3Player 3.0 Buffer Overflow

mote Control Client 9.5 Buffer Overflow
Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
Office OLE Importer DocumentSummaryInformation Stream Handling Overflow
rbit Downloader URL Unicode Conversion Overflow
Viewer ORB File Parsing Buffer Overflow
are OVF Tools Format String Vulnerability
Show Gold v4.0.2549 (PSH File) Stack Buffer Overflow
odex ProShow Producer 5.0.3256 load File Handling Buffer Overflow
t PUI Buffer Overflow (SEH)
al Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow Vulnerability
ealPlayer RealMedia File Handling Buffer Overflow
ealNetworks RealPlayer Version Attribute Buffer Overflow
SafeNet SoftRemote GROUPNAME Buffer Overflow
Webcam Server v.2.6.5 Get() Method Buffer Overflow
aTEC ScadaPhone Stack Buffer Overflow
Shadow Stream Recorder 3.0.1.7 Buffer Overflow
M.P.L 1.0 Player Buffer Overflow
Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow
TFM MMPlayer (m3u/ppl File) Buffer Overflow
al Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow
Zip File Parsing Buffer Overflow Vulnerability
CCD File Parsing Buffer Overflow
CUE File Parsing Buffer Overflow
ft W32Dasm Disassembler Function Buffer Overflow
2010-2.05 EN (DWB File) Stack Buffer Overflow
N VLC TiVo Buffer Overflow
ls Video Spirit Pro
t Office Visio VISIODWG.DLL DXF File Handling Vulnerability
ave VWR File Parsing Vulnerability
eoLAN VLC ModPlug ReadS3M Stack Buffer Overflow
a Player RealText Subtitle Overflow
N Client (VLC) Win32 smb:// URI Buffer Overflow
N VLC MKV Memory Corruption
er CUE Buffer Overflow
yer M3U Buffer Overflow
amp MAKI Buffer Overflow
nRAR Filename Spoofing
Wireshark wiretap/mpeg.c Stack Buffer Overflow
eshark packet-dect.c Stack Buffer Overflow (local)
WM Downloader 3.1.2.2 Buffer Overflow
ate 2.50 (.xpl) Universal Local Buffer Overflow (SEH)
Audio Player 1.0.126 Unicode Stack Buffer Overflow
o 0.95b Buffer Overflow
Audio Player 2.2.1 (PLS File) Stack Buffer Overflow
M.dll ICQ Parser Buffer Overflow
ewall 2.1.4 Authentication Packet Overflow
Client Stack Buffer Overflow
m 3CDaemon 2.0 FTP Username Overflow
Page 51

Sheet1

v2.2.1.0 (Win32) Stack Buffer Overflow (LIST)

rver 2.34 STOR Command Stack Buffer Overflow
eFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
TP 0.99g MKD Command Buffer Overflow
dFTP v1.3.7 Beta USER Format String (Write4) Vulnerability
h Dream FTP Server 1.02 Format String
File Sharing FTP Server 2.0 PASS Overflow
Server CWD Command Stack Buffer Overflow
Server LIST Command Stack Buffer Overflow
P Server MKD Command Stack Buffer Overflow
pa FTP Server Pre 18 Jul Version
ngler 5.30 Stack Buffer Overflow
t FTP Server USER Command Buffer Overflow
at FTP Server Arbitrary File Upload
PASS Command Buffer Overflow
1.0 Username Overflow
ter Standard v3.55.0.05 Stack Buffer Overflow (PWD)
.2.0 Stack Buffer Overflow
ell 5.1 Stack Buffer Overflow
chronizer Professional 4.0.73.274 Stack Buffer Overflow
Manager FTP Client Stack Buffer Overflow
CAPE Secure FTP Server Input Overflow
nFTP PASS Stack Buffer Overflow
X tolog() Function Format String Vulnerability
3.0.1 Stack Buffer Overflow
are LeapFTP v2.7.3.600 PASV Reply Client Overflow
053 Microsoft IIS FTP Server NLST Response Overflow
m NetFTPD USER Buffer Overflow
re FTP 4.1 Stack Buffer Overflow (LIST)
FTPD 1.2 Arbitrary File Upload
9i XDB FTP PASS Overflow (win32)
9i XDB FTP UNLOCK Overflow (win32)
FTP Server Post-Authentication STOR Command Stack Buffer Overflow
.9 Banner Remote Buffer Overflow
kShare File Server 1.2.1 Directory Traversal Vulnerability
DL-10 SR10 FTP USER Command Buffer Overflow
erver LIST Command Buffer Overflow
t Sami FTP Server v2.02 USER Overflow
Worm avserve FTP PORT Buffer Overflow
ST Remote Buffer Overflow
TP v3.3 Build 409 Stack Buffer Overflow
FTP Server Buffer Overflow
TPD MDTM Overflow
d LIST Concatenation Overflow
FTP Client 3.01 PASV Remote Buffer Overflow
Server 1.30.823 PORT Overflow
n FTP Daemon PORT Command Memory Corruption
TPD 1.65 Password Overflow
TPD 1.65 Username Overflow
Page 52

Sheet1

erial Software WFTPD 3.23 SIZE Overflow

FTP Server Authenticated Command Execution
TP Server 5.03 MKD Overflow
witch WS_FTP Server 5.05 XMD5 Overflow
Client 3.0 PWD Remote Buffer Overflow
lient Buffer Overflow
Server Buffer Overflow
of Honor Allied Assault getinfo Stack Buffer Overflow
v0.5.3 Beta 5 Buffer Overflow
l Tournament 2004 "secure" Overflow (Win32)
Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
SecurityGateway username Buffer Overflow
WebAdmin USER Buffer Overflow
mlibweb NetOpacs webquery.dll Stack Buffer Overflow
e Win32 Chunked Encoding
che Module mod_rewrite LDAP Protocol Buffer Overflow
che mod_jk 1.2.20 Buffer Overflow
Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution
ue 2.5 EXT.dll Buffer Overflow
e 2.72b PassThru Buffer Overflow
WebLogic JSESSIONID Cookie Value Overflow
e Weblogic Apache Connector POST Request Buffer Overflow
EA Weblogic Transfer-Encoding Buffer Overflow
ulldog Plus Web Service Buffer Overflow
A Arcserve D2D GWT RPC Credential Information Disclosure
Technology iGateway Debug Mode Buffer Overflow
CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
Cogent DataHub Command Injection
Cogent DataHub HTTP Server Buffer Overflow
sion 8.0.1 Arbitrary File Upload and Execute
e Employee Surveillance Solution v6 SQL Injection
nageEngine Desktop Central AgentLogUpload Arbitrary File Upload
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
erver list.html path Stack Buffer Overflow
irectory NDS Server Host Header Overflow
ry 8.7.3 iMonitor Remote Stack Buffer Overflow
FS Easy Chat Server Authentication Request Handling Buffer Overflow
File Management Web Server Stack Buffer Overflow
8.02 XSLT Transform Remote Code Execution
com AccessNow Server Buffer Overflow
Tech EzServer Stack Buffer Overflow Vulnerability
ownload Manager Remote Control Server Buffer Overflow
eric Web Application DLL Injection
AutoPass License Server File Upload
ntelligent Management Center BIMS UploadServlet Directory Traversal
elligent Management Center Arbitrary File Upload
P LoadRunner EmulationAdmin Web Service Directory Traversal
anaged Printing Administration jobAcct Remote Command Execution
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
Page 53

Sheet1

P OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow

HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow
l HP OpenView NNM nnmRptConfig nameParams Buffer Overflow
HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow
penView Network Node Manager OpenView5.exe CGI Buffer Overflow
OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
nView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
penView Network Node Manager OvWebHelp.exe CGI Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow
nView Network Node Manager Snmp.exe CGI Buffer Overflow
P OpenView Network Node Manager snmpviewer.exe Buffer Overflow
penView Network Node Manager Toolbar.exe CGI Buffer Overflow
penView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow
HP OpenView Network Node Manager execvp_nc Buffer Overflow
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
HP OpenView Performance Insight Server Backdoor Account Code Execution
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP Power Manager 'formExportDataLogs' Buffer Overflow
ewlett-Packard Power Manager Administration Buffer Overflow
l HP SiteScope Remote Code Execution
X h_handlepeer() Function Buffer Overflow
X tolog() Function Format String Vulnerability
ail 3.x Buffer Overflow
ivoli Endpoint Manager POST Query Buffer Overflow
TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
Tivoli Storage Manager Express CAD Service Buffer Overflow
eader Overwrite
River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow
stems Cache UtilConfigHome.csp Argument Buffer Overflow
0 Buffer Overflow
tch WhatsUp Gold 8.03 Buffer Overflow
sues Collector Directory Traversal
Kaseya uploadImage Arbitrary File Upload
P Server HEAD Buffer Overflow
ent LANDesk Lenovo ThinkManagement Console Remote Command Execution
Lexmark MarkVision Enterprise Arbitrary File Upload
Enable Authorization Header Buffer Overflow
ManageEngine Applications Manager Authenticated Code Execution
MaxDB WebDBM Database Parameter Overflow
MaxDB WebDBM GET Buffer Overflow
Afee ePolicy Orchestrator / ProtectionPilot Overflow
MDaemon WorldClient form2raw.cgi Stack Buffer Overflow
share 1.4.1 Buffer Overflow
niWeb (Build 300) Arbitrary File Upload
OPA 2.0.1 URL Handling Buffer Overflow
Page 54

Sheet1

cision 4.5.1 HTTP Server Buffer Overflow

ell iManager getMultiPartParameters Arbitrary File Upload
enworks Mobile Managment MDM.php Local File Inclusion Vulnerability
Novell Messenger Server 2.0 Accept-Language Overflow
MMS Gateway Buffer Overflow
9i XDB HTTP PASS Overflow (win32)
Business Transaction Management FlashTunnelService Remote Code Execution
le Endeca Server Remote Command Execution
Oracle Event Processing FileUploadServlet Arbitrary File Upload
Secure Backup Authentication Bypass/Command Injection Vulnerability
URL Handling Buffer Overflow
PHP apache_request_headers Function Buffer Overflow
e Wire Gateway Buffer Overflow
Proxy v0.91 Stack Buffer Overflow
Hamster R4 Log Entry sprintf() Buffer Overflow
HttpFileServer Remote Command Execution
mbar 6 Search Results Buffer Overflow
AP ConfigServlet Remote Code Execution
SAP NetWeaver HostControl Command Injection
7.4 WebTools Buffer Overflow
3.1 Web Server Overflow
soft Serv-U Session Cookie Buffer Overflow
Tcast DNAS/win32 1.9.4 File Request Format String Overflow
URI-Encoded POST Request Overflow
arwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability
Solarwinds Storage Manager 5.1.0 SQL Injection
SonicWALL (Plixer) Scrutinizer 9 SQL Injection
amcast HTTP User-Agent Buffer Overflow
e Web Server Connection Header Buffer Overflow
e EAServer 5.2 Remote Stack Buffer Overflow
Multi Server 5.64 Create Folder Buffer Overflow
rackerCam PHP Argument Buffer Overflow
/ BMC Track-It! FileStorageService Arbitrary File Upload
Micro OfficeScan Remote Stack Buffer Overflow
ni HTTPD Stack Buffer Overflow
braco CMS Remote Command Execution
nt VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
HTTP Server GET Buffer Overflow
XAMPP WebDAV PHP Upload
i 2.5c2 Web Server If-Modified-Since Overflow
t Novell ZENworks Asset Management Remote Execution
ell ZENworks Configuration Management Remote Execution
osoft IIS WebDAV Write Access Code Execution
23 Microsoft IIS 5.0 Printer Host Header Overflow
1-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution
3 Microsoft IIS 5.0 IDQ Path Overflow
8 Microsoft IIS 4.0 .HTR Path Overflow
-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
3-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
Page 55

Sheet1

Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution

m WorldMail 3.0 IMAPD LIST Buffer Overflow
AP4D Delete Overflow
ch IMail IMAP SEARCH Buffer Overflow
able IMAPD (2.34/2.35) Login Request Buffer Overflow
able IMAPD (1.54) STATUS Request Buffer Overflow
Enable IMAPD W3C Logging Buffer Overflow
daemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
mon 9.6.4 IMAPD FETCH Buffer Overflow
Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
Messaging 2005 IMAP Login Buffer Overflow
y/32 LOGIN Buffer Overflow
cury/32 v4.01a IMAP RENAME Buffer Overflow
vell NetMail IMAP APPEND Buffer Overflow
ell NetMail IMAP AUTHENTICATE Buffer Overflow
ell NetMail IMAP STATUS Buffer Overflow
vell NetMail IMAP SUBSCRIBE Buffer Overflow
0-094 Microsoft IIS Phone Book Service Overflow
03-022 Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow
MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
soft IIS ISAPI RSA WebAgent Redirect Overflow
ft IIS ISAPI w3who.dll Query String Overflow
P Service Buffer Overflow
k Associates PGP KeyServer 7 LDAP Buffer Overflow
uter Associates License Client GETCONFIG Overflow
uter Associates License Server GETCONFIG Overflow
et License Server Manager lmgrd Buffer Overflow
nelLM UDP Buffer Overflow
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
um Outpost Internet Security Local Privilege Escalation
ows AlwaysInstallElevated MSI
calate UAC Execute RunAs
Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
Escalate UAC Protection Bypass
ows Escalate UAC Protection Bypass (In Memory Injection)
ec via Current User Token
AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL
Mobile Client Service Privilege Escalation
ovo System Update Privilege Escalation
ys Arbitrary Write Privilege Escalation
ws SYSTEM Escalation via KiTrap0D
ndows Escalate Task Scheduler XML Privilege Escalation
11-080 AfdJoinLeaf Privilege Escalation
MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation
indows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
Windows TrackPopupMenuEx Win32k NULL Page
S13-097 Registry Symlink IE Sandbox Escape
-009 .NET Deployment Service IE Sandbox Escape
Windows TrackPopupMenu Win32k NULL Pointer Dereference
Page 56

Sheet1

4-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference

5-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape
Windows ClientCopyImage Win32k Exploit
02 Microsoft Windows ndproxy.sys Local Privilege Escalation
Client 2 SP3 nicm.sys Local Privilege Escalation
Client 4.91 SP4 nwfs.sys Local Privilege Escalation
5-001 Microsoft Windows NtApphelpCacheControl Improper Authorization Check
nvsvc) Display Driver Service Local Privilege Escalation
s Manage Memory Payload Injection
Persistent Registry Startup Payload Installer
indows Command Shell Upgrade (Powershell)
rshell Remoting Remote Command Execution
s EPATHOBJ::pprFlattenRec Local Privilege Escalation

un Command As User
ws Manage User Level Persistent Payload Installer
ws Escalate Service Permissions Local Privilege Escalation
ows Service Trusted Path Privilege Escalation
tualBox Guest Additions VBoxGuest.sys Privilege Escalation
rtualBox 3D Acceleration Virtual Machine Escape
ent Payload in Windows Volume Shadow Copy
anagement Instrumentation (WMI) Remote Command Execution
IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow
M Lotus Domino iCalendar MAILTO Buffer Overflow
BM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
otes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
mmingbird Connectivity 10 SP5 LPD Buffer Overflow
Request Overflow
D 6.28 Buffer Overflow
mLPD Buffer Overflow
code SEH Buffer Overflow
Fax 5.01 RAW Server Buffer Overflow
entX++ Master AgentX::receive_agentx Stack Buffer Overflow
ediaServer 0.8 Buffer Overflow
c Altiris DS SQL Injection
Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
us Dpcproxy Buffer Overflow
Avaya WinPMD UniteHostRouter Buffer Overflow
Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
akBone NetVault Remote Heap Overflow
t Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
Server 2.2 Buffer Overflow
Server 2.50 SP1 Buffer Overflow
gAnt Server DUPF Command Arbitrary File Upload
igAnt Server 2 SCH And DUPF Buffer Overflow
Server 2.52 USV Buffer Overflow
mberclone 0.11.6 Buffer Overflow
Communications Server Buffer Overflow
nd Interbase Create-Request Buffer Overflow
Page 57

Sheet1

nd CaliberRM StarTeam Multicast Service Buffer Overflow

Provisioning Services 5.6 streamprocess.exe Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
mal Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow
ake/HP StorageWorks Storage Mirroring Service Authentication Overflow
etworks ESA License Manager LICMGR_ADDLICENSE Overflow
QNetworks ESA Topology DELETEDEVICE Overflow
Enterasys NetSight nssyslogd.exe Buffer Overflow
Email 2.2q ERR Remote Buffer Overflow
Relational Database CNCT Group Number Buffer Overflow
ebird Relational Database isc_attach_database() Buffer Overflow
ebird Relational Database isc_create_database() Buffer Overflow
Relational Database SVC_attach() Buffer Overflow
cript-fu Server Buffer Overflow
HP Data Protector 8.10 Remote Command Execution
Data Protector Cell Request Service Buffer Overflow
P Data Protector DtbClsLogin Buffer Overflow
P Data Protector Backup Client Service Remote Code Execution
P Data Protector Create New Folder Buffer Overflow
Data Protector Backup Client Service Directory Traversal
elligent Management Center UAM Buffer Overflow
HP LoadRunner magentproc.exe Overflow
Diagnostics Server magentservice.exe Overflow
niInet.exe MSG_PROTOCOL Buffer Overflow
niInet.exe MSG_PROTOCOL Buffer Overflow
niInet.exe Opcode 27 Buffer Overflow
niInet.exe Opcode 20 Buffer Overflow
HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow
nView Operations OVTrace Buffer Overflow
and InterBase isc_attach_database() Buffer Overflow
and InterBase isc_create_database() Buffer Overflow
nterBase SVC_attach() Buffer Overflow
IBM Cognos tm1admsd.exe Overflow
System Director Agent DLL Injection
Tivoli Storage Manager Express CAD Service Buffer Overflow
M Tivoli Storage Manager Express RCA Service Buffer Overflow
iTunes 10 Extended M3U Stack Buffer Overflow
esk Management Suite 8.7 Alert Service Buffer Overflow
QL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
rcury/32 PH Server Module Buffer Overflow
eam 3.0.1.1 Buffer Overflow
C PRIVMSG Handling Stack Buffer Overflow
7-064 Microsoft DirectX DirectShow SAMI Buffer Overflow
10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution
.10 NT Stack Buffer Overflow
port Download Manager 2.90.510 Buffer Overflow
Page 58

Sheet1

Mental Ray Satellite Service Arbitrary DLL Injection

vy Server Buffer Overflow
Peeper v3.4 DATE Buffer Overflow
eeper v3.4 UIDL Buffer Overflow
edia Player Playlist Buffer Overflow
usiness One License Manager 2005 Buffer Overflow
AP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow
TE 6.net Font Field Overflow
d
SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
yer 3.7 Content-Type Buffer Overflow
oft StreamDown 6.8.0 Buffer Overflow
ve IRC v0.4.4.16 Response Buffer Overflow
dentD 2.2 Stack Buffer Overflow
TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow
Invasion IRC Client Buffer Overflow
ws RSH Daemon Buffer Overflow
ark console.lua Pre-Loading Script Execution
shark packet-dect.c Stack Buffer Overflow
Windows Media Services ConnectFunnel Stack Buffer Overflow
buktu Pro Directory Traversal/File Upload
Lyris ListManager MSDE Weak sa Password
02-039 Microsoft SQL Server Resolution Overflow
-056 Microsoft SQL Server Hello Overflow
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption
t MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
oft SQL Server Database Link Crawling Command Execution
soft SQL Server Payload Execution
osoft SQL Server Payload Execution via SQL Injection
MySQL for Microsoft Windows MOF Execution
e MySQL for Microsoft Windows Payload Execution
MySQL for Microsoft Windows FILE Privilege Abuse
QL yaSSL SSL Hello Message Buffer Overflow
xer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Server Buffer Overflow
-030 Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
Agent FSFUI Record File Upload RCE
ovell GroupWise Messenger Client Buffer Overflow
Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
etMail NMAP STOR Buffer Overflow
vell ZENworks 6.5 Desktop/Server Management Overflow
Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow
Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow
Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
Oracle Database Client System Analyzer Arbitrary File Upload
Scheduler Named Pipe Command Execution
e Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow
8i TNS Listener (ARGUMENTS) Buffer Overflow
10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow
Page 59

Sheet1

e 8i TNS Listener SERVICE_NAME Buffer Overflow

Lab Mail 5.5 POP3 Buffer Overflow
greSQL for Microsoft Windows Payload Execution
Coat WinProxy Host Header Overflow
roxy Telnet Proxy Ping Overflow
Pro Professional GateKeeper 4.7 GET Request Overflow
ik WinGate WWW Proxy Server URL Processing Overflow
MicroSCADA wserver.exe Remote Code Execution
tSCADA/CitectFacilities ODBC Buffer Overflow
nt SCADA 3S CoDeSys Gateway Server Directory Traversal
ADA 3S CoDeSys CmpWebServer Stack Buffer Overflow
ctory HMI NETB Request Overflow
ens FactoryLink 8 CSService Logging Path Param Buffer Overflow
ens FactoryLink vrn.exe Opcode 9 Buffer Overflow
E Proficy CIMPLICITY gefebt.exe Remote Code Execution
s GENESIS32 Integer Overflow Version 9.21.201.01
CONICS WebHMI ActiveX Buffer Overflow
echnologies IGSS IGSSdataServer.exe Stack Buffer Overflow
7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
ologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities
tive Graphical SCADA System Remote Command Injection
duSoft Web Studio Arbitrary Upload Remote Code Execution
A Device Manager Tool 2.1 Buffer Overflow
cyon Core Server HMI Coreservice.exe Stack Buffer Overflow
alWin SCADA Server Buffer Overflow
AC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow
Win SCADA Server DATAC Login Buffer Overflow
C RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow
C RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow
AC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
asuresoft ScadaPro Remote Command Execution
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
Sistemi Winlog Buffer Overflow
o Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16
Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow
Yokogawa CS3000 BKESimmgr.exe Buffer Overflow
okogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow
n 1.0.4 CSeq Buffer Overflow
ndry sipXezPhone 0.35a CSeq Field Overflow
dry sipXphone 2.6.0.27 CSeq Buffer Overflow
neric DLL Injection From Shared Resource
up Policy Script Execution From Shared Resource
Control Pipe Remote Command Execution
3-049 Microsoft Workstation Service NetAddAlternateComputerName Overflow
07 Microsoft ASN.1 Library Bitstring Heap Overflow
-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
4-031 Microsoft NetDDE Service Overflow
-039 Microsoft Plug and Play Service Overflow
Page 60

Sheet1

S06-025 Microsoft RRAS Service RASMAN Registry Overflow

6-025 Microsoft RRAS Service Overflow
6-040 Microsoft Server Service NetpwPathCanonicalize Overflow
6-066 Microsoft Services nwapi32.dll Module Exploit
6-066 Microsoft Services nwwks.dll Module Exploit
06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)
-067 Microsoft Server Service Relative Path Stack Corruption
MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Microsoft Windows Shell LNK Code Execution
10-061 Microsoft Print Spooler Service Impersonation Vulnerability
Microsoft Windows Shell LNK Code Execution
NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow
Windows Authenticated User Code Execution
oft Windows Authenticated Powershell Command Execution
68 Microsoft Windows SMB Relay Code Execution
Timbuktu PlughNTCommand Named Pipe Buffer Overflow
S MailCarrier v2.51 SMTP EHLO Overflow
cury Mail SMTP AUTH CRAM-MD5 Buffer Overflow
MS03-046 Exchange 2000 XEXCH50 Heap Overflow
Communicator 3.00 MiniSMTP Buffer Overflow
om WMailserver 1.0 Buffer Overflow
PS 0.6 Buffer Overflow
eFTPd 1.0.10 Key Exchange Algorithm String Buffer Overflow
sshd Authentication Bypass
eeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
Y Buffer Overflow
CRT SSH1 Buffer Overflow
ax 5.53 SSH Username Buffer Overflow
011 Microsoft Private Communications Transport Overflow
AMSoft TelSrv 1.5 Username Buffer Overflow
ech Telnet Server Buffer Overflow
Telesyn TFTP Server 1.9 Long Filename Overflow
TFTP 3.10 Writable Directory Traversal Execution
TFTP 1.0 Long Filename Buffer Overflow
eSoft TFTP Server 2000 Transfer-Mode Overflow
ecision 4.2 TFTP Writable Directory Traversal Execution
TFTP SP 1.4 Error Packet Overflow
FTP Pro 2.1 Transfer-Mode Overflow
D32 Long Filename Buffer Overflow
WIN v0.4.2 Long Filename Buffer Overflow
erver for Windows 1.4 ST WRQ Buffer Overflow
pSvc TFTP Long Mode Buffer Overflow
AM log_security() Stack Buffer Overflow (Win32)
3.3.7 Client Buffer Overflow
1.0.1 Client Buffer Overflow
NC 1.0.2 Client (vncviewer.exe) Buffer Overflow
C Web Server GET Overflow
et SoftRemote IKE Service Buffer Overflow
Page 61

Sheet1

RM Script Exec Remote Code Execution

045 Microsoft WINS Service Memory Overwrite

Page 62

Sheet1

Page 63

Sheet1

Page 64

Sheet1

Page 65

Sheet1

Page 66

Sheet1

Page 67

Sheet1

Page 68

Sheet1

Page 69

Sheet1

Page 70

Sheet1

Page 71

Sheet1

Page 72

Sheet1

Page 73

Sheet1

ter Buffer Overflow

Page 74

Sheet1

Page 75

Sheet1

dFile() Method Overflow

Page 76

Sheet1

Page 77

Sheet1

Page 78

Sheet1

Page 79

Sheet1

Page 80

Sheet1

Page 81

Sheet1

Page 82

Sheet1

Page 83

Sheet1

Page 84

Sheet1

Page 85

Sheet1

Page 86

Sheet1

Page 87

Sheet1

Page 88

Sheet1

Page 89

Sheet1

Page 90

Sheet1

Page 91

Sheet1

Page 92

Sheet1

Page 93